Vendor Alert Subscriptions Vendor Releases

» CERIAS    Center for Education and Research in Information Assurance and Security. University center for multidisciplinary research and education in areas of information security.    http://www.cerias.purdue.edu/

» US-CERT    Established in 2003 to protect the nation's Internet infrastructure, US-CERT coordinates defense against and responses to cyber attacks across the nation.    http://www.us-cert.gov/

» Apache HTTP Server Vulnerability Lists    Lists of security problems fixed in released versions of the Apache HTTP Server.    http://httpd.apache.org/security_report.html

» AusCERT    Australian Computer Emergency Response Team. Advisories and tools.    http://www.auscert.org.au

» Bugtraq    Independent source for security vulnerabilities, alerts, and threats.    http://www.securityfocus.com/archive/1

» CERT Coordination Center    Studies Internet security vulnerabilities, provides incident response services to sites that have been the victims of attack, publishes a variety of security alerts, researches security and survivability in wide-area-networked computing, and develops info    http://www.cert.org/

» Computer Incident Advisory Capability    CIAC publishes security bulletins and virus and hoax information. They provide computer security assistance to US Department of Energy (DOE) sites.    http://www.ciac.org/ciac/index.html

» FrSIRT    Provides security advisories and real-time information about vulnerabilities, exploits, and threats. Sponsor of the Common Vulnerability Scoring System (CVSS).    http://www.frsirt.com/english/

» ISS X-Force    Security alerts, advisories, and alert summaries from ISS.    http://xforce.iss.net/xforce/alerts

» Linux Security Group    Security Advisories, Anti Hackers, programming books and related links.    http://www.linux-security.us/

» Makesecure.com    Network security news, alerts and updates    http://www.makesecure.com

» New Zealand Computer Emergency Readiness Team    Security Alerts and Advisories    http://www.nzcert.org.nz

» Open Source Vulnerability Database    Searchable database of vulnerabilities. Offers data for download in XML format as well as via website. Details of how to submit new vulnerabilities, database schema and FAQ.    http://www.osvdb.org/

» Oracle Security Center    Tips, tools, and technologies to keep Oracle products safe, secure, and patched.    http://www.oracle.com/technology/deploy/security/index.html

» Patch Management Forum    Mailing list facilitates networking and information exchange related to patch management: announcements, testing, verification, operations processes, and vulnerabilities.    http://groups.yahoo.com/group/patchmgmt/

» PatchAdvisor    Fee based patch alert service.    http://www.patchadvisor.com

» PatchEasy    Software vendor for patch management.    http://www.patcheasy.com/

» PatchManagement.org    Mailing list dedicated to the discussion of patch management.    http://www.patchmanagement.org/

» Patchlink Corporation    Software vendor for cross platform patch management.    http://www.patchlink.com

» SANS Internet Storm Center    Cooperative cyber threat monitor and alert system. Features daily handler diaries that summarize and analyze new threats and events.    http://isc.sans.org/

» Secunia    Provides security advisories and information about patches, and provides software for vulnerability management.    http://secunia.com/

» Secure Elements    Software vendor for IS technical control auditing, vulnerability management, and compliance. Provides advisories via XML and RSS, and fully supports OVAL and XCDDF XML standards for compliance and vulnerability functions.    http://www.secure-elements.com

» Symantec DeepSight Threat Management System    Fee based security alert service that provides early warning of active attacks.    http://www.symantec.com/Products/enterprise?c=prodinfo&refId=988

» VulnWatch    Computer security vulnerability disclosure mailing list    http://www.vulnwatch.org/