- http://nvd.nist.gov/
- http://cve.mitre.org/
- http://www.symantec.com/security_response/
- http://www.iss.net/threats/ThreatList.php
- http://www.itsecdb.com/oval/
- http://www.exploit-db.com/
- http://news.cnet.com/security/
- http://thehackernews.com/
- http://www.securityfocus.com/
- http://www.blackhat.com/
- http://seclists.org/isn/
- http://www.zdnet.com/topics/security
- http://www.scmagazine.com/
- http://www.nist.org/news.php
- http://www.securityweek.com/
- http://www.eweek.com/c/s/Security/
To answer the first question: Are these actual sources that I am using in my current class?
The sites that I feel I am getting the most use out of are: nvd.nist.gov, cve.mitre.org, and exploit-db.com.
Second question: are there any additional sources that I've discovered? No, with such an extensive list already compiled, haven't had the time or need to seek out additional sources this week.
Third question: Any that I have decided not to use? In regards to looking for specific vulnerabilities, I would say that I would use the three that I've listed in my first answer, and the rest would simply be used for situational awareness of new vulnerabilities that are being talked about online.
No comments:
Post a Comment