The total area of potential vulnerabilities in a computer system or network. It is used in cybersecurity to assess the potential risks and vulnerabilities in a system or network. Examples include the open ports and services on a server, the number of users with access to a system, and the type of software installed on a system.