[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Update Disclosure Sources List - Please Vote!
I have voted but also included a few more on the end…. Government Information Sources Must Have - US-CERT Advisories (aka CERT-CC Advisories) Must Have - US-CERT Vulnerability Notes (CERT-CC) Ignore - US-CERT Bulletins (aka Cyber-Notes) Ignore - DoD IAVAs Nice to Have - NISCC Nice to Have - AUS-CERT Ignore - CIAC (name has changed) CNA Published Information All CNAs are a Must Have Non-CNA Vendor Advisories All non-CNS vendor advisories are a Must Have Mailing Lists & VDBs Must Have - Bugtraq Ignore - Vuln-Watch Ignore - VulnDev Nice to Have - Full Disclosure Ignore - Security Focus Ignore - Security Tracker Must Have - OSVDB Ignore - ISS X-Force Must Have - FRSIRT (VUPEN) Must Have - Secunia Ignore - Packet Storm Ignore - SecuriTeam Ignore - SANS Mailing List (Qualys) Ignore - Neohapsis (Security Threat Watch) Must Have - Metasploit Nice to Have - Snort Nice to Have - Contagiodump.blogspot.com Nice to Have - Oss-security Non-OS venders should be included Specifically Desktop products that are commonly seen in both corporate and consumer systems Additions…. 1. Must haves * APSA / APSB - Adobe 2. Nice to have * ZDI * Exploit-DB * MSVR – Microsoft Vulnerability Research Advisories * iDefense * cisco-sa-xxxxxxxx-xxx (Cisco Security Advisories) * Htxxxx (Apple) * VMSA (Vmware Security Advisories) * CNVD (China National Vulnerability Database) * Metasploit Module Ids Kent Landfield Director Content Strategy, Architecture and Standards McAfee, Inc. 5000 Headquarters Dr. Plano, Texas 75024 Direct: +1.972.963.7096 Mobile: +1.817.637.8026 Web: www.mcafee.com<http://www.mcafee.com/>