Strategies that help identify security concerns in your systems and software you are currently operating. Evaluation and addressing these concerns will help develop or introduce software or services designed to protect your attack surface.