][Date Next][Thread Prev
][Thread Next][Date Index
Re: Sources List and Some Updates
On 6/27/12 11:38 AM, Mann, Dave wrote:
> FULL COVERAGE SOURCES - OTHER
> US-CERT: Technical Cyber Security Alerts
> PARTIAL COVERAGE SOURCE - VENDOR RELATED
> US-CERT: Vulnerability Notes
Please either swap these, or move US-CERT: Vulnerability Notes to "full
74% (average since 2009) of vulnerability notes (5+ per month) are based
on private reports to CERT, which means those vulnerability notes are
effectively an initial source of a public disclosure, and often already
have a CVE ID.
US-CERT: Technical Cyber Security Alerts are actually more likely to be
"republishing" on a Microsoft patch Tuesday release or similar. Times
have changed since the days of CERT Advisories...