Many attacks in the past decade have focused on vulnerabilities at the network and operating systems level. Hackers are aware that custom made applications do not have robust source code checking and appropriate vulnerability patching cycles. This is especially true if those applications are custom made by the organizations. Security controls concentrate on standard services and protocols, but are unable to protect against more specific application attacks that use those protocols. This kind of attack requires more skills and resources, as we already know, cyber criminals tend to gather together. With spammer and mafias supporting their activities, gathering these types of resources are rarely a problem.”]