SANS Top 20 Update
Today, the SANS Institute released an updated Top 20 Internet Security Attack Targets list.
This update reorganizes the list recognizing the new reality of operating system independent issues. Sections for cross-platform applications, network devices, policy and the overall issue of 0-day attacks where added.
The list has been released for the last 7 years. From the start, organizations like the FBI assisted in putting the list together. It is in particular useful if you have to set and defend priorities.
Comparing the different versions it is interesting that one issue from the first list (back then it was "vulnerable CGI programs") has come back as the category of "Vulnerable Web Applications". Take a look for yourself and see how your personal infosec career is reflected in the evolution of this list.
This update reorganizes the list recognizing the new reality of operating system independent issues. Sections for cross-platform applications, network devices, policy and the overall issue of 0-day attacks where added.
The list has been released for the last 7 years. From the start, organizations like the FBI assisted in putting the list together. It is in particular useful if you have to set and defend priorities.
Comparing the different versions it is interesting that one issue from the first list (back then it was "vulnerable CGI programs") has come back as the category of "Vulnerable Web Applications". Take a look for yourself and see how your personal infosec career is reflected in the evolution of this list.
Keywords:
0 comment(s)
My next class:
Application Security: Securing Web Apps, APIs, and Microservices | Online | US Eastern | Jan 27th - Feb 1st 2025 |
×
Diary Archives
Comments