Which term refers to the sum of exposed points that attackers can target, including passive and active reconnaissance techniques?


Multiple Choice

Which term refers to the sum of exposed points that attackers can target, including passive and active reconnaissance techniques?

Explanation:
Attack surface describes the sum of all exposed points an attacker could target, including what both passive and active reconnaissance can uncover. It encompasses every entry point: network ports and services, web APIs, exposed configurations, identity weaknesses, and even human factors that could be manipulated. Passive reconnaissance collects information without directly interacting with the target, such as public records or social media; active reconnaissance involves direct probing, like scans and banner grabs, to reveal specifics about systems. As new technologies, services, or misconfigurations appear, the attack surface expands, and it can be reduced by secure configurations, strong access controls, and monitoring. Footprinting is the information-gathering phase used to understand the target, while fingerprinting digs into details like OS, version, and service fingerprints to tailor an attack. Security posture refers to the overall security readiness and controls of an organization, not the set of exposed points. Thus, the concept in question is the attack surface.

