Attack surface metrics analyzer tool
I am trying to find a tool to measure vulnerability into my application ( each entry point and exit point into my application ) and then apply it to Manadhata's metrics.
I found Microsoft surface attack analyzer but I am not sure if it do that for me ...
so , my question is there is a tool to analyze attack surface metrics?
Any of the popular vulnerability scanners will do this for you. None of them are going to apply a particular person's guidelines though. They will use standards agreed upon like CVSS scores, and you'd have to then do the conversion yourself if that's what you want to use.
Check out tools like Nessus, which has a free version you can play around with. And OpenVAS, which is FOSS.