- Client-side Vulnerabilities in:
C1. Web Browsers
C2. Office Software
C3. Email Clients
C4. Media Players
- Server-side Vulnerabilities in:
S1. Web Applications
S2. Windows Services
S3. Unix and Mac OS Services
S4. Backup Software
S5. Anti-virus Software
S6. Management Servers
S7. Database Software
- Security Policy and Personnel:
H1. Excessive User Rights and Unauthorized Devices
H2. Phishing/Spear Phishing
H3. Unencrypted Laptops and Removable Media
- Application Abuse:
A1. Instant Messaging
A2. Peer-to-Peer Programs
- Network Devices:
N1. VoIP Servers and Phones
- Zero Day Attacks:
Z1. Zero Day Attacks
Komentá? k tomuto každoro?nímu p?ehledu (shrnutí) je obsažen v ?lánku
Sans releases top 20 Net risks list.
Viz také:
Three takeaways from the SANS Top 20 (sort of) Internet Security Risk List. Fewer entries than usual, but don t mistake that for good news.
New SANS Top 20 list points to two major transformations in attacker targets
Institute Top 20 highlights client-side risks
Kritický komentá? -
SANS Top 20 released, but is it still useful?.