Attack surface reduction principles include:
- shutting down network ports
- retiring unused services
- reducing the amount of code running
- setting strong trust boundaries
- security awareness training for employees, and more.
You can use the info from your Pentest-Tools.com Attack Surface view to gather the necessary data, prioritize actions, and then monitor if your remediation tactics have the desired result.
For in-depth information about the topic, check out this guide from Infosec Institute.