Security Operations Tools
Attack Surface Calculator
Enter internet-facing service count, open ports, privileged accounts, and accounts without MFA to compute attack surface score and reduction recommendations.
No data is transmitted — everything runs locallyTool
Example — 8 internet-facing · 15 open ports · 25 privileged accts · 12 no MFA
Attack surface score
100/100
weighted component sum
Risk level
Critical
Top risk factor
MFA gaps (12 accounts)
prioritize this
MFA coverage
52%
of privileged accounts
About this tool
Attack Surface Calculator
The Attack Surface Calculator scores external and internal attack surface from services, ports, privileged accounts, and MFA coverage with reduction recommendations.
• Baseline attack surface score before a reduction initiative
• Identify highest-impact attack surface reduction opportunity
• Track attack surface score trend quarter-over-quarter
• Calculate attack surface for a security risk assessment
Affiliate disclosure
Credential and secrets management for teams. 1Password provides enterprise password management and secrets infrastructure for development teams.
View attack surface with 1Password
External site · Independent provider · We may receive a commission · Not a recommendation
FAQ
What does this tool tell you?
The Attack Surface Calculator scores external and internal attack surface from services, ports, privileged accounts, and MFA coverage with reduction recommendations.
What affects the result most?
Attack surface: sum of all entry points attackers can use — network, application, human, supply chain. External attack surface: internet-facing IPs, domains, open ports, authentication endpoints. Internal attack surface: credentials, privileged accounts, lateral movement paths.
How should I use the result?
The calculation is deterministic — the same inputs always produce the same output — so the most useful workflow is to vary one input at a time and see which factor moves the result most. That tells you where to focus your attention before committing to a decision.