As has been noted elsewhere in the security industry, the 2005 SANS Top 20 report once again noted a significant shift in attack patterns as more and more applications are being chosen as attack vectors, as opposed to operating systems and internet services. Adding to the fire is the shift from widespread, indiscriminant attacks like Slammer or Blaster to profit-motivated “targeted attacks,” which has been well documented by Joe Stewart, LURHQ’s Senior Security Researcher. Combine the two and it’s pretty easy to see that the threat landscape is rapidly evolving to include almost any attack vector, allowing attackers to evade some of the most advanced security technologies and threaten your critical assets. Because of this, it has never been more important to make your assets the focal point of your security program than it is now.