The good news is that Web servers have come a long way in terms of security. But to err is human, even for IT and security people.
When the security industry thinks about breaches caused by human error, the image of an employee accidentally clicking on a malicious link in a phishing email often comes to mind. But to err is human, even for IT and security people, especially when it comes to Web servers.
Web servers themselves have come a long way in terms of security. Think back to the nascent days of Apache and how the server earned its name. "It was, 'A-PAtCHy server' based on applying a number of patch files against an older server platform," says Geoff Walton, senior security consultant at TrustedSec.