|
Internet and Information Security are a critical global concern and broad information sharing is the most effective mechanism to prevent major virus and worm outbreaks.
Many public and private institutions, research centers and user forums are dedicated to tracking, publishing and discussing the latest threats and vulnerabilities and issue timely alerts, advisories, and guidance on how best to protect from them.
iPolicy Networks is actively engaged in this global effort and is making contributions to several forums in the infosec community. The links below are provided as an additional resource to iPolicy Networks visitors. They include major sites that may benefit users but the list is not exhaustive, and the content on these sites has not been independently verified or approved by iPolicy Networks. The opinions expressed are strictly those of the respective authors or organizations.
SANS Institute
The SANS Institute is one of the largest source for information security training and certification in the world. SANS develops, maintains, and makes available a large collection of research documents about various aspects of information security. SANS operates the Internet's early warning system - Internet Storm Center.
http://isc.sans.org/index.php
SANS @ RISK Consensus Security Alert
@RISK: The Consensus Security Alert newsletter is delivered every Monday morning. @RISK reports on the three to eight vulnerabilities that matter most, explains what damage they do and how to protect from them, and summarizes actions 15 giant organizations have taken to protect their users. @RISK adds to the critical vulnerability list a complete catalog of all the new security vulnerabilities discovered during the past week.
http://www.sans.org/newsletters/risk/
US-CERT Coordination Center
Established in 1988, the CERT® Coordination Center (CERT/CC) is a center of Internet security expertise, located at the Software Engineering Institute, a federally funded research and development center operated by Carnegie Mellon University.
http://www.cert.org/
US-CERT- Technical Cyber Security Alerts
Technical Cyber Security Alerts provide timely information about current security issues, vulnerabilities, and exploits.
http://www.us-cert.gov/cas/techalerts/index.html
US-CERT Cyber Security Bulletins
This site is an extensive compilation and includes information published by various non-CERT sources. It lists
Bugs, Holes, & Patches for Windows, for UNIX/LINUX and for Multiple Operating Systems. It includes reports on Recent Exploit Scripts and Techniques, Trends, Viruses & Trojans.
http://www.us-cert.gov/cas/bulletins/
Common Vulnerabilities and Exposures List (CVE)
This site publishes the CVE list: a list of standardized names for vulnerabilities and other information security exposures. CVE aims to standardize the names for all publicly known vulnerabilities and security exposures.
http://www.cve.mitre.org/cve/index.html
Microsoft TechNet
On this site, Microsoft published vulnerabilities discovered in its products and provides content and guidance on managing security for Microsoft-based information systems
http://www.microsoft.com/technet/security/recent/default.mspx
http://www.microsoft.com/technet/security/current.aspx
Linux Security.com
This site is the voice for Linux and open source security news.
http://www.linuxsecurity.com
Jupiter Media / JupiterWeb
This site is dedicated to Linux security.
http://linuxtoday.com/security/index.html
Red Hat Networks Security Updates
The site is specific to Red Hat security issues, called “errata”.
https://rhn.redhat.com/errata/
Tech Republic Virus Threat Center
This technical Site Publishes a Threat Center Blog and Virus Security Alerts and Advisories.
http://www.virusthreatcenter.com/
HelpNet Security
A privately-owned Information Security Portal providing latest news from the InfoSec community.
http://www.net-security.org/index.php
Open Source Vulnerability Database
OSVDB is an independent and open source database created by and for the community.
http://www.osvdb.org/
|
