"The SANS Top 2007 is a consensus list of vulnerabilities that require immediate remediation. It is the result of a process that brought together dozens of leading security experts. They come from the most security-conscious government agencies in the UK, US, and Singapore; the leading security software vendors and consulting firms; the top university-based security programs; the Internet Storm Center, and many other user organizations. A list of participants appears at the end of this document.
The SANS Top 2007 list is not "cumulative." We include only critical vulnerabilities from the past year or so. If you have not patched your systems for long time, it would be wise to patch the vulnerabilities listed in the Top 20 2006 list as well as those in the prior lists. At the end of this document, you will find a short FAQ (list of frequently asked questions) that answers questions you may have about the project and the way the list is created."
Friday, December 21, 2007
SANS Top-20 2007 Security Risks
As a special friend said, "This is required reading for anyone with a computer and further details can be found at http://www.sans.org/top20/." I agree. There is a lot of information in the report so you may want to bookmark it and return on occasion.