Security Basics mailing list archives
RE: Vulnerability Alerting Services
From: "Mikhail A. Utin" <mutin () commonwealthcare org>
Date: Mon, 23 Jan 2012 16:15:36 -0500
Hello, You are the subscriber of Security Basics, so do the same for Full Disclosure, and you'll get all you need. Guys report on vulnerabilities found in apps you've never heard about. I believe Full Disclosure is better than paid and biosed vendor service. I used it few a few years and 99% satisfied. Mikhail Utin, CISSP ________________________________________ From: listbounce () securityfocus com [listbounce () securityfocus com] On Behalf Of Steven Marco (Modern Compliance Solutions) [smarco () moderncompliancesolutions com] Sent: Friday, January 20, 2012 11:38 AM To: peenacolada69 () yahoo com; security-basics () securityfocus com Subject: RE: Vulnerability Alerting Services Hi, As part of an overall Security Strategy, I would suggest you should register with each vendor within scope and if they are credible, will supply you with such alert in a timely order. If you had a Compliance Risk Analysis performed, each patch update on your servers, network devices should be included and alert you if there are any out-of-date firmwares, Malware definitions, A/V engines and O/S security patches/updates. HP, Cisco are two companies that I know provide this information. Otherwise have not heard of such a service - but is a great business idea. Best regards, Steven Marco, CISA, ITIL, HP SA Modern Compliance Solutions 69 S 1200 E Lindon, Utah 84042 801.770.1199 - Office 801.472.6371 - Cell http://www.moderncompliancesolutions.com -----Original Message----- From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On Behalf Of peenacolada69 () yahoo com Sent: Wednesday, January 18, 2012 5:50 PM To: security-basics () securityfocus com Subject: Vulnerability Alerting Services What are some vulnerability alerting services that people are using and like? I am looking for a service that lets me specify the software/hardware I have, and get email alerts about vulnerabilities. Also something not too expensive. I know there are free lists like SecurityFocus, SANS @risk, and US-CERT alerts, but it seems like they cover mostly major software vendors, and I'm guessing they may not be as targeted/comprehensive as a paid for service. Thanks CONFIDENTIALITY NOTICE: This email communication and any attachments may contain confidential and privileged information for the use of the designated recipients named above. If you are not the intended recipient, you are hereby notified that you have received this communication in error and that any review, disclosure, dissemination, distribution or copying of it or its contents is prohibited. If you have received this communication in error, please reply to the sender immediately or by telephone at (617) 426-0600 and destroy all copies of this communication and any attachments. For further information regarding Commonwealth Care Alliance's privacy policy, please visit our Internet web site at http://www.commonwealthcare.org. ------------------------------------------------------------------------ Securing Apache Web Server with thawte Digital Certificate In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates. http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1 ------------------------------------------------------------------------
Current thread:
- Vulnerability Alerting Services peenacolada69 (Jan 20)
- RE: Vulnerability Alerting Services Steven Marco (Modern Compliance Solutions) (Jan 23)
- RE: Vulnerability Alerting Services Mikhail A. Utin (Jan 23)
- Re: Vulnerability Alerting Services Patrick Webster (Jan 24)
- RE: Vulnerability Alerting Services Mikhail A. Utin (Jan 23)
- <Possible follow-ups>
- Re: Vulnerability Alerting Services ricciantonio (Jan 23)
- Re: Vulnerability Alerting Services joseph (Jan 23)
- RE: Vulnerability Alerting Services Steven Marco (Modern Compliance Solutions) (Jan 23)