SANS released the "Top Cyber Security Risks" report which covers covers March-August 2009 that features attack data from TippingPoint intrusion prevention systems protecting 6,000 organizations, vulnerability data from 9,000,000 systems compiled by Qualys, and additional analysis and tutorial by the Internet Storm Center and key SANS faculty members.

The report's target audience is major organizations that want to ensure their defenses are up-to-date and are tuned to respond to today's newest attacks and to the most pressing vulnerabilities.


The report uses current data from appliances and software in thousands of targeted organizations to provide a reliable portrait of the attacks being launched and the vulnerabilities they exploit.

The report's purpose is to document existing and emerging threats that pose significant risk to networks and the critical information that is generated, processed, transmitted, and stored on those networks. It summarizes vulnerability and attack trends, focusing on those threats that have the greatest potential to negatively impact your network and your business. It identifies key elements that enable these threats and associates these key elements with security controls that can mitigate your risk.

The report also includes a pictorial description/tutorial on how some of the most damaging current attacks actually work. One of the most important findings in cybersecurity over the past several years has been the understanding most often asserted by White House officials that "offense must inform defense." Only people who understand how attacks are carried out can be expected to be effective defenders.

The report was compiled by Rohit Dhamankar, Mike Dausin, Marc Eisenbarth and James King of TippingPoint with assistance from Wolfgang Kandek of Qualys, Johannes Ullrich of the Internet Storm Center, and Ed Skoudis and Rob Lee of the SANS Institute faculty.