https://en.wikipedia.org/wiki/Attack_surface
The attack surface of a software environment is the sum of the different points (for “attack vectors“) where an unauthorized user (the “attacker”) can try to enter data to or extract data from an environment