Cenzic's CIA Labs has recently finished up its Q1 2007 Application Security Trends Report. The full report is available at the URL below: http://www.cenzic.com/pdfs/CZ_AppSecTrnds_Rev4.pdf You can read my blog post about the Trend Report below: http://secureweb.typepad.com/secure_web/2007/05/q1_2007_applica.html We examined vulnerability data for the period, attack and probe data from SANS ISC and DShield, and highlighted important application security events that occured during the Q1 2007 time-frame. Additionally we drew upon data from Cenzic's ClickToSecure service to point to the types of vulnerabilities we found to be most common in the wild. I hope our readers enjoy this report as much as we enjoyed putting it together. Best Regards, Tom Stracener Sr. Security Analyst Cenzic Inc.
