It was a tool recommended by Microsoft in its SDL guidelines[1] in the verification stage of the development.
It was a problem to check and verify the effects of various software installations on the system way back since Windows Server 2003 was being developed.
Back then they had to use multiple tools for every type of change made to the attack surface.
Using this one tool, you can analyze the changes made to the Registry, File permissions, Windows IIS Server, GAC assemblies and a lot more can be done.
[8] Getting the list of threats to the system is a great thing when you have it from software released by Microsoft itself.
With the improved concerns over security shown by Microsoft, it is important that the severity of a threat is also known to the IT team of an enterprise.
It is surely a desirable feature to enlist the level of severity caused by each threat rather by the category to which it belongs.
There may be a case when a network security expert in an organization is not aware of the details and terminology of some other domain (say Windows Services).
Microsoft has made it easy to find the right resource for the term rather than relying upon the web search engines.
Attack Surface Analyzer makes it easy for the user to browse through the report by listing the threats in categories and providing a Table of contents in an HTML page.
The tool should be able to perform its job on any machine meeting the hardware requirements of the installed Operating System.
After running the baseline scan, the product whose effect on the attack surface of the Operating System is to be checked is installed.
It is worth a note that more than one system state can be captured using Attack Surface Analyzer and any combination of them can be used for the report generation.