A collection of resources related to vulnerability management that can be useful in tracking and managing vulnerabilities. Lists are in no particular order.
-
OpenCVE - Site that allows you to be emailed of new CVEs by subscribing to different products and vendors. Account creation (free) required.
-
Tenable Plugins - A feed of Tenable's new plugins.
-
Threatable - A powerful, filtered aggregator that combines vulnerability alerts, blog posts, tweets, and much more.
-
AttackerKB - Rapid7's community-driven feed of vulnerabilities that allows collaboration from all cybersecurity professionals.
-
Security Wizardry Radar - A vulnerability feed that updates daily. Useful for a quick check in case a vulnerability has fallen through the cracks.
-
Vulners - A search engine with a focus on a variety of cybersecurity topics including security news, a CVE feed, bug bounties, and much more.
-
Vulmon - A database-driven vulnerability search engine that allows you to search by CVE ID, Vendor, vulnerability types, etc.
-
Zero Day Initiative - List of vulnerabilities that have been discovered by Zero Day Initiative that haven't been publically exposed.
-
CVEDetails - Another site that allows you to search for vendors, products, versions and view CVE/vulnerabilities related to them. The site also includes statistics related to vendors and products.
-
Patch Tuesday Dashboard - A dashboard that tracks patches issued by Microsoft. Updates every Patch Tuesday.
-
VulnDB - A vulnerability database that documents and explains recent vulnerabilities.
-
CloudVulnDB - A project whose goal is to document both cloud vulnerabilities and cloud service provider security issues.
-
inTheWild - A volunteer-driven feed of newly exploited vulnerabilities / publicly released exploits.
-
Inoreader - An excellent RSS feed to track all things cybersecurity.
-
Feedly - An Inoreader alternative.
- Practical Vulnerability Management, ISBN: 9781593279882