Forum Discussion
Simeon Lewis
Feb 27, 2021Copper Contributor
Attack Surface Reduction V. Security Baselines
Can anyone advice on the difference between Attack Surface Reduction policies and Security Baselines. Both are configurable through MEM under the Endpoint Security section. Lots of overlap. Not sure which I should be using and why.
- Reza_AmeriSilver Contributor
Even though they look similar but they have achieve different goals.
You will use Security Baseline to check and make sure your devices are following best practices for security in general and whether they are good to protect themselves against most threats.
Attack Surface Reduction is like you have a baseline protection but they might be some unknown or 0-days threats which are not being protected yet and this is there to reduce likelihood of a successful attack.
You will need to run both of them.