[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: CVE Information Sources & Scope



> Government Information Sources
+ all 'must have'

> CNA Published Information
+ all 'must have' (otherwise shouldn't be a CNA)

> Non-CNA Vendor Advisories
+ all 'must have'

> Mailing Lists & VDBs
+ must >  Bugtraq
+ ignored >  Vuln-Watch
+ ignored >  VulnDev
+ should >  Full Disclosure
+ ignored >  Security Focus
+ ignored >  Security Tracker
+ ignored >  OSVDB
+ ignored >  ISS X-Force
+ ignored >  FRSIRT
+ ignored >  Secunia
+ ignored >  Packet Storm
+ ignored >  SecuriTeam
+ nice >  SANS Mailing List (Qualys)
+ ignored  Neohapsis (Security Threat Watch)

Additional
+ must "Oss-security" (although also covered by my "CNA" vote)


 
Page Last Updated: November 06, 2012