Tuesday, September 15, 2009

SANS Top Cyber Security Risks

SANS Top Cyber Security Risks report highlighted two major issues:
- Unpatched client-side software
- Vulnerable web sites

No surprises in the report. Here are some points to summarize:
- Client-side vulnerabilities are the primary initial infection vector
- Major organizations take at least twice as long to patch client-side vulnerabilities as they take to patch operating system vulnerabilities
- 60% of attacks observed are targeting web applications.
- 80% of web applications attacks are SQL injection and XSS

No comments: