Automate the process of looking for CVE (new vulnerabilities) related to our infrastructure

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Posted by skinp on Server Fault See other posts from Server Fault or by skinp
Published on 2011-02-17T22:48:14Z Indexed on 2011/02/17 23:27 UTC
Read the original article Hit count: 136

Filed under:
|
|
|

Is there any service available where you simply list the services, programs and versions you use, and when some CVE comes out about it, you automatically get alerted?

Also, is there any other place to look for this kind of information. Do some people release security vulnerabilities to other places than CVE?

So in general, how do you guys keep up to date with what might be vulnerable in your infrastructure?

Edit: Since I've been asked, we are a Unix shop with mostly Red Hat and some HP-UX. I would still prefer a high level solution which are OS independent. What happens if we use software versions which are not in the official repositories of Red Hat/HP/... or simply not supported by them.

© Server Fault or respective owner

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Related posts about unix

Related posts about watch

Categories cloud

.NET ASP.NET iphone linux python Windows mysql android sql windows-7 html c ruby-on-rails css objective-c ubuntu networking sql-server wpf asp.net-mvc ruby database Xml apache AJAX osx security regex django Performance 12.04 windows-xp mac web-development iphone-sdk vb.net Silverlight apache2 flash server perl best-practices email installation eclipse visual-studio algorithm windows-server-2008 winforms wcf firefox bash dns /Oracle