Sans TOP 20 (or 18) Security risks 2007 updated

28 November 2007

The SANS Top 2007 is a consensus list of vulnerabilities that require immediate remediation. It is the result of a process that brought together dozens of leading security experts

The SANS Top 2007 is a living document. It includes step-by-step instructions and pointers to additional information useful for correcting the security flaws. We will update the list and the instructions as more critical threats and more current or convenient methods of protection are identified, and we welcome your input along the way

Client-side Vulnerabilities in:
C1. Web Browsers
C2. Office Software
C3. Email Clients
C4. Media Players

Server-side Vulnerabilities in
S1. Web Applications
S2. Windows Services
S3. Unix and Mac OS Services
S4. Backup Software
S5. Anti-virus Software
S6. Management Servers
S7. Database Software

Security Policy and Personnel:
H1. Excessive User Rights and Unauthorized Devices
H2. Phishing/Spear Phishing
H3. Unencrypted Laptops and Removable Media

Application Abuse:
A1. Instant Messaging
A2. Peer-to-Peer Programs

Network Devices:
N1. VoIP Servers and Phones

Zero Day Attacks:
Z1. Zero Day Attacks

Post scriptum

More information

Related Articles

12 April 2010 : Windows Autopwn (winAUTOPWN) v2.2 released
31 March 2010 : W3AF v1.0-rc3 released
29 March 2010 : Vicnum v1.4 released
28 March 2010 : Zenamics released BinCrowd the First collaborative reverse engineering tool
27 March 2010 : OWASP Broken Web Applications v0.91rc1 available

Copyright Security-Database 2006-2024 - Powered by themself ;).

Facebook rss twitter linkedin mail