- CERT Coordination Center - http://www.cert.org/
Studies Internet security vulnerabilities, provides incident response services to sites that have been the victims of attack, publishes a variety of security alerts, researches security and survivability in wide-area-networked computing, and develops information to improve site security.
- PatchManagement.org - http://www.patchmanagement.org/
Mailing list dedicated to the discussion of patch management.
- Center for Internet Security - http://www.cisecurity.org
Non-profit enterprise whose mission is to help organizations reduce the risk of business and e-commerce disruptions resulting from inadequate technical security controls.
- Patchlink Corporation - Patch Management - http://www.patchlink.com
Offers fully Internet-based, automated, cross-platform, enterprise security patch management software so IT administrators can assess and resolve security vulnerabilities across operating systems and applications.
- Patchcompliance.com - http://www.patchcompliance.com
Offers patch management information and products.
- PatchEasy - http://www.patcheasy.com/
Patch management tool that helps secure systems by remotely managing service packs and hotfixes. Conduct research, take inventory, deploy updates and validate installations to networked machines.
- AusCERT - http://www.auscert.org.au
Australian Computer Emergency Response Team. Advisories and tools.
- Bugtraq - http://www.securityfocus.com/archive/1
Independent source for security vulnerabilities, alerts, and threats.
- CVEbrowser - http://cvebrowser.sourceforge.net
CVE browser is a Java Web search engine for the Mitre CVE vulnerability dictionary.
- DeepSight - http://enterprisesecurity.symantec.com/products/products.cfm?ProductID=158
Fee based security alert service by Symantec.
- ISS X-Force - http://xforce.iss.net/xforce/alerts
Security alerts, advisories, and alert summaries from ISS.
- Makesecure.com - http://www.makesecure.com
Network security news, alerts and updates
- OpenNet - Security - http://security.opennet.ru
Database of daily updated security alerts.
- PatchAdvisor - http://www.patchadvisor.com
Patch alert service.
- Secunia - http://secunia.com/
Provides security advisories and information about patches.
- SecurityMetrics Bulletin Service - http://www.securitymetrics.com/freesubscription.adp
Security Bulletins that are compiled from multiple leading sources and condensed to reduce your efforts in reviewing them regularly.
- Sintelli Alert - http://www.sintelli.com
Online service that notifies webmasters of new security vulnerabilities.
- Threat Focus - http://www.threatfocus.com/
Threat Focus Diligence provides customized 24/7 vulnerability and patch alerts for more than 1,000 products, giving IT and network managers the security information they need to protect their assets.
- TruIntelligence - http://www.trusecure.com/solutions/intelligence/index.shtml
Actionable, risk oriented intelligence service from TruSecure Corporation.
- US-CERT - http://www.us-cert.gov/
Provides a mechanism that allows citizens, businesses, and other institutions to communicate directly with the United States government regarding cyber security information.
- VulnWatch - http://www.vulnwatch.org/
Computer security vulnerability disclosure mailing list
- Computer Incident Advisory Capability - http://www.ciac.org/ciac/index.html
CIAC publishes security bulletins and virus and hoax information. They provide computer security assistance to US Department of Energy (DOE) sites.
- Patch Management Forum - http://groups.yahoo.com/group/patchmgmt/
Mailing list facilitates networking and information exchange related to patch management: announcements, testing, verification, operations processes, and vulnerabilities.
- 2000Trainers.com - Security Alerts - http://www.2000trainers.com/alerts/
Offers advice, ratings and direct downloads to the most recent security patches, hotfixes, and service packs for server operating systems and applications.
- SecurityFocus: Bugtraq - http://www.securityfocus.com/rss/vulnerabilities.xml
Full disclosure computer security vulnerabilities feed.
- Security Corporation - http://www.security-corporation.com/
Information on the latest security advisories, viruses, press releases, and whitepapers.
- Open Source Vulnerability Database - http://www.osvdb.org/
Searchable database of vulnerabilities. Offers data for download in XML format as well as via website. Details of how to submit new vulnerabilities, database schema and FAQ.
- igxglobal.com - http://dsb.igxglobal.com/newsrss10.php
Provides daily reports on new Internet, network and application vulnerabilities.
- Citadel Security - http://www.citadel.com/
Vulnerability remediation software which prevents networked machines that have been off the network for some time from gaining access until the software has applied necessary patches. Also offer policy management and automatic logoff tools.
|
