Insufficient Authentication ControlsWeak Password PolicyInsufficient PatchingDefault CredentialsInsufficient Encryption (The Most by far)Information DisclosureUsername EnumerationDefault Web PagesOpen Mail RelaysIKE Aggressive ModeUnexpected Perimeter ServicesInsufficient Traffic BlockingUndetected Malicious ActivityHistorical Account Compromises
