Information and resources

Keeping on top of information security vulnerabilities is an essential component of information security. Attackers exploit existing security vulnerabilities on systems to gain unauthorized access to systems and data.

• Vulnerabilities can be technical, such as bugs in software, or nontechnical (e.g., a user discloses a password to an unauthorized person).

The following are some external resources that IT Security considers useful for helping you stay up to date on the ever-changing information security landscape:

• SecurityFocus: Offers several useful vulnerability resources, including email lists such as BugTraq
• CERT: Provides useful information on information security
• REN-ISAC: Focuses on information security challenges facing educational institutions
• SANS Top 20: Lists the top 20 information security vulnerabilities (updated annually) as collected by SANS