Post Wed Nov 15, 2006 2:03 pm

SANS Top-20 Internet Security Attack Targets 2006

Taken from the Internet Strom Center entry today:

Today, the SANS Institute released an updated Top 20 Internet Security Attack Targets list.
This update reorganizes the list recognizing the new reality of operating system independent issues. Sections for cross-platform applications, network devices, policy and the overall issue of 0-day attacks where added.

The list has been released for the last 7 years. From the start, organizations like the FBI assisted in putting the list together. It is in particular useful if you have to set and defend priorities.

Comparing the different versions it is interesting that one issue from the first list (back then it was "vulnerable CGI programs") has come back as the category of "Vulnerable Web Applications". Take a look for yourself and see how your personal infosec career is reflected in the evolution of this list.


SANS Top 20:
http://www.sans.org/top20/

Don
CISSP, MCSE, CSTA, Security+ SME