Today, the SANS Institute released an updated Top 20 Internet Security Attack Targets list.
This update reorganizes the list recognizing the new reality of operating system independent issues. Sections for cross-platform applications, network devices, policy and the overall issue of 0-day attacks where added.
The list has been released for the last 7 years. From the start, organizations like the FBI assisted in putting the list together. It is in particular useful if you have to set and defend priorities.
Comparing the different versions it is interesting that one issue from the first list (back then it was "vulnerable CGI programs") has come back as the category of "Vulnerable Web Applications". Take a look for yourself and see how your personal infosec career is reflected in the evolution of this list.
I will be teaching next: Defending Web Applications Security Essentials - SANS San Francisco Spring 2020
Nov 15th 2006
1 decade ago