Common Threat Vectors and Attack Surfaces

In physical engineering, the larger the exposed surface area of a structure, the more points of potential failure must be monitored, reinforced, and defended. The same principle governs network engineering and cybersecurity. As an organization adds servers, cloud instances, endpoints, and third-party integrations, it expands the physical and digital geography that adversaries can exploit. We define the sum of all possible entry points into a system or network as the attack surface. The threat vector, by contrast, is the specific path or method an attacker uses to traverse that surface and gain unauthorized access to a system. If the attack surface is the broad perimeter wall of a fortress, the threat vector is the specific grappling hook, tunneling machine, or forged letter of transit used to breach it.

To secure a modern IT environment, an administrator must possess a crystalline understanding of both the terrain they are defending (the surface) and the specific trajectories of incoming attacks (the vectors).