Ignorance isn’t bliss where net security is concerned. While we may carry out security and system updates religiously there can still be a nagging doubt that we haven’t covered all the bases.
But wonder no more and go for a free network scan that will help find and eliminate all the latest vulnerabilities. Qualys, a “leading provider of on demand vulnerability management and policy compliance solutions”, are currently offering a free online scan at https://sans20.qualys.com
The scan checks for all the most dangerous chinks in the armour as identified in the new SANS Top 20 update for 2007. The SANS INSTITUTE and security experts from industry and government compile this network weakness chart annually to provide organisations with a prioritised list of newly discovered exposures to their networks.
In its seventh year, the SANS list of Top 20 Internet Security Risks reveals a continued shift from web-based threats to vulnerabilities in popular end user applications such as Internet Explorer, Windows Media Player and Adobe.
Another rising trend in 2007 is an increase in vulnerabilities relating to web applications such as wikis, portals or those that provide access to back end databases and banking applications. This is due in part to the fact that developing web applications is an intricate process, and the combined complexity and flexibility of web development tools, such as Java, .Net, Perl, PHP, Ruby, and others, make it easy for development mistakes to become exploitable security holes.
Further information on the SANS top 20 nasties is available online at www.sans.org/top20
