  |
CERT Coordination Center - http://www.cert.org/
Studies Internet security vulnerabilities, provides incident response services to sites that have been the victims of attack, publishes a variety of security alerts, researches security and survivability in wide-area-networked computing, and develops information to improve site security. |
| |
SANS Internet Storm Center - http://isc.sans.org/
Cooperative cyber threat monitor and alert system. Features daily handler diaries that summarize and analyze new threats and events. |
| |
http://www.us-cert.gov/ - http://www.us-cert.gov/
Established in 2003 to protect the nation's Internet infrastructure, US-CERT coordinates defense against and responses to cyber attacks across the nation. |
| |
Apache HTTP Server Vulnerability Lists - http://httpd.apache.org/security_report.html
Lists of security problems fixed in released versions of the Apache HTTP Server. |
| |
http://www.securityfocus.com/archive/1 - http://www.securityfocus.com/archive/1
Independent source for security vulnerabilities, alerts, and threats. |
| |
SecurityFocus: Bugtraq - http://www.securityfocus.com/rss/vulnerabilities.xml
Full disclosure computer security vulnerabilities feed. |
| |
http://www.auscert.org.au - http://www.auscert.org.au
Australian Computer Emergency Response Team. Advisories and tools. |
| |
Oracle Security Center - http://www.oracle.com/technology/deploy/security/index.html
Tips, tools, and technologies to keep Oracle products safe, secure, and patched. |
| |
http://www.cerias.purdue.edu/ - http://www.cerias.purdue.edu/
Center for Education and Research in Information Assurance and Security. University center for multidisciplinary research and education in areas of information security. |
| |
VUPEN Security - http://www.vupen.com/english/
Provides security advisories and real-time information about vulnerabilities, exploits, and threats. Also provides vulnerability management and pentesting solutions. |
| |
ISS X-Force - http://xforce.iss.net/xforce/alerts
Security alerts, advisories, and alert summaries from ISS. |
| |
Open Source Vulnerability Database - http://www.osvdb.org/
Searchable database of vulnerabilities. Offers data for download in XML format as well as via website. Details of how to submit new vulnerabilities, database schema and FAQ. |
| |
PatchAdvisor - http://www.patchadvisor.com
Fee based patch alert service. |
| |
Secure Elements - http://www.secure-elements.com
Software vendor for IS technical control auditing, vulnerability management, and compliance. Provides advisories via XML and RSS, and fully supports OVAL and XCDDF XML standards for compliance and vulnerability functions. |
| |
PatchManagement.org - http://www.patchmanagement.org/
Mailing list dedicated to the discussion of patch management. |
| |
Linux Security Group - http://www.linux-security.us/
Security Advisories, Anti Hackers, programming books and related links. |
| |
Patch Management Forum - http://groups.yahoo.com/group/patchmgmt/
Mailing list facilitates networking and information exchange related to patch management: announcements, testing, verification, operations processes, and vulnerabilities. |
| |
PatchEasy - http://www.patcheasy.com/
Software vendor for patch management. |
| |
New Zealand Computer Emergency Readiness Team - http://www.nzcert.org.nz/
Charitable trust established to improve the general information security posture of New Zealand society. Provides news, alerts, trends and statistics. |
 |
http://secunia.com/ - http://secunia.com/
Provides security advisories and information about patches, and provides software for vulnerability management. |