Not the List to Get On
Wondering which applications in your company had security problems? And just how many problems each had? Wouldnt it be good to have a comprehensive list of all this information? If you said yes, the U.S. government agrees with you. The National Infrastructure Protection Center recently released a comprehensive list of all reported security vulnerabilities, worms, Trojan horses and viruses from last year. The 84-page report is available as a downloadable PDF.Although the report does not include URLs to detailed information on each problem, I still found it to be a very useful resource for detecting potential problems in a companys software investments.
The report is essentially a giant table that has columns for vendor, product names, operating systems and risk levels (low or high). The table also tells which NIPC cyber-note has details about the security threat.