contents | software | |||||||
| Free Qualys Security Scan Available for the New SANS Top 20 in 2006 Qualys has announced the availability of a free network scanning service to help companies find and eliminate vulnerabilities listed in the annual SANS Top 20 update for 2006. The SANS Top 20 is designed by the SANS Institute and security experts from industry and government to provide organizations with a prioritized list of newly discovered exposures to their networks. In addition to identifying vulnerabilities in Windows and UNIX categories, this year's Top 20 demonstrated a shift from server-side to client-side vulnerabilities and includes categories for zero-day vulnerabilities and highlights the most important Microsoft Office and Web application exploitable vulnerabilities. These changes further reflect the increase in exploits for malicious or personal gain, such as targeting military and government contractor sites using phishing attacks. Sarwate, along with other experts in the community, provided contributions to the development of the SANS Top 20 list and presented on the topics of client-side vulnerabilities and zero-day threats at the SANS Top 20 event in London on Wednesday. According to the Top 20 list, the shift from server-side to client-side vulnerabilities continues to be an increasing trend, as are attacks by cyber criminals for financial gain. And, according to the SANS Institute, there has been a significant surge in the number of online criminals in Asian countries, as well as Eastern European initiated attacks. As a result, several banks have reported 400 to 500 percent increases in losses to cyber fraud from 2005 to 2006. Qualys' on demand model provides customers with immediate vulnerability updates, such as the Top-20 listing, without the need for installing software or building out additional infrastructure. In addition to the free scan, the QualysGuard service detects new exposures in the SANS Top-20. write your comments about the article :: © 2006 Computing News :: home page |