Advisories_and_Patches

Vendor_Alert_Subscriptions

Vendor_Releases

	2000Trainers.com - Security Alerts : Offers advice, ratings and direct downloads to the most recent security patches, hotfixes, and service packs for server operating systems and applications. - www.2000trainers.com/alerts/
	Apache Week: Apache httpd 1.3 vulnerabilities : Includes an overview of published Apache 1.3.x security advisories and patches. - www.apacheweek.com/features/security-13
	Bugtraq : Independent source for security vulnerabilities, alerts, and threats. - www.securityfocus.com/archive/1
	CERIAS - Center for Education and Research in Information Assurance and Security : University center for multidisciplinary research and education in areas of information security. Provides hotlist covering all aspects of security. - www.cerias.purdue.edu/
	cisecurity.org - www.cisecurity.org/
	Citadel Security : Vulnerability remediation software which prevents networked machines that have been off the network for some time from gaining access until the software has applied necessary patches. Also offer policy management and automatic logoff tools. - www.citadel.com/
	Computer Incident Advisory Capability : CIAC publishes security bulletins and virus and hoax information. They provide computer security assistance to US Department of Energy (DOE) sites. - www.ciac.org/ciac/index.html
	DeepSight : Fee based security alert service by Symantec. - enterprisesecurity.symantec.com/products/products.cfm?ProductID=158
	iis.com - www.iis.com/default.aspx?pageid=3
	ISS X-Force : Security alerts, advisories, and alert summaries from ISS. - xforce.iss.net/xforce/alerts
	makesecure.com - www.makesecure.com/
	Open Source Vulnerability Database : Searchable database of vulnerabilities. Offers data for download in XML format as well as via website. Details of how to submit new vulnerabilities, database schema and FAQ. - www.osvdb.org/
	opennet.ru - security.opennet.ru/
	org.au - www.auscert.org.au/
	Patch Management Forum : Mailing list facilitates networking and information exchange related to patch management: announcements, testing, verification, operations processes, and vulnerabilities. - groups.yahoo.com/group/patchmgmt/
	patchadvisor.com - www.patchadvisor.com/
	patchcompliance.com - www.patchcompliance.com/
	PatchEasy : Patch management tool that helps secure systems by remotely managing service packs and hotfixes. Conduct research, take inventory, deploy updates and validate installations to networked machines. - www.patcheasy.com/
	patchlink.com - www.patchlink.com/
	PatchManagement.org : Mailing list dedicated to the discussion of patch management. - www.patchmanagement.org/
	Secunia : Provides security advisories and information about patches. - secunia.com/
	Secureroot Advisories Database : Listing of security advisories and warnings. - www.secureroot.com/security/advisories/
	Security Corporation : Information on the latest security advisories, viruses, press releases, and whitepapers. - www.security-corporation.com/
	SecurityMetrics Bulletin Service : Security Bulletins that are compiled from multiple leading sources and condensed to reduce your efforts in reviewing them regularly. - www.securitymetrics.com/freesubscription.adp
	sintelli.com - www.sintelli.com/
	sourceforge.net - cvebrowser.sourceforge.net/
	Threat Focus : Supplier of real-time targeted security alerts to small and medium sized businesses. - www.threatfocus.com/
	TruIntelligence : Actionable, risk oriented intelligence service from TruSecure Corporation. - www.trusecure.com/solutions/intelligence/index.shtml
	US-CERT : Provides a mechanism that allows citizens, businesses, and other institutions to communicate directly with the United States government regarding cyber security information. - www.us-cert.gov/
	VulnWatch : Computer security vulnerability disclosure mailing list - www.vulnwatch.org/