Forum Discussion

Simeon Lewis's avatar
Simeon Lewis
Copper Contributor
Feb 27, 2021

Attack Surface Reduction V. Security Baselines

Can anyone advice on the difference between Attack Surface Reduction policies and Security Baselines. Both are configurable through MEM under the Endpoint Security section. Lots of overlap. Not sure which I should be using and why. 

  • Reza_Ameri's avatar
    Reza_Ameri
    Silver Contributor

    Simeon Lewis 

    Even though they look similar but they have achieve different goals.

     

    You will use Security Baseline to check and make sure your devices are following best practices for security in general and whether they are good to protect themselves against most threats.

     

    Attack Surface Reduction is like you have a baseline protection but they might be some unknown or 0-days threats which are not being protected yet and this is there to reduce likelihood of a successful attack.

     

    You will need to run both of them.

     

Resources