[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Q1 2007 Application Security Trends Report

To: webappsec@xxxxxxxxxxxxxxxxx, bugtraq@xxxxxxxxxxxxxxxxx
Subject: Q1 2007 Application Security Trends Report
From: "Tom Stracener" <strace@xxxxxxxxx>
Date: Tue, 22 May 2007 12:23:10 -0700

Cenzic's CIA Labs has recently finished up its Q1 2007 Application
Security Trends Report. The full report is available at the URL below:

http://www.cenzic.com/pdfs/CZ_AppSecTrnds_Rev4.pdf

You can read my blog post about the Trend Report below:

http://secureweb.typepad.com/secure_web/2007/05/q1_2007_applica.html

We examined vulnerability data for the period, attack and probe data
from SANS ISC and DShield, and highlighted important application
security events that occured during the Q1 2007 time-frame.
Additionally we drew upon data from Cenzic's ClickToSecure service to
point to the types of vulnerabilities we found to be most common in
the wild.

I hope our readers enjoy this report as much as we enjoyed putting it together.

Best Regards,

Tom Stracener
Sr. Security Analyst
Cenzic Inc.

Prev by Date: [security bulletin] HPSBUX02217 SSRT071337 rev.1 - HP-UX running Kerberos, Remote Arbitrary Code Execution
Next by Date: Cisco Security Advisory: Vulnerability In Crypto Library
Previous by thread: [security bulletin] HPSBUX02217 SSRT071337 rev.1 - HP-UX running Kerberos, Remote Arbitrary Code Execution
Next by thread: Cisco Security Advisory: Vulnerability In Crypto Library
Index(es):
- Date
- Thread