+1 on all of those from Kurt - also for the fact that you have to put up with a lot of crazy noise on Full-Disclosure if you want to pick the nuggets of interest out
I also try to stay subscribed to vendor advisories of interest to me such as those from VMWare, Oracle, Citrix, HP and others. www.securitynewsportal.com does a good job of aggregating news items, tweets, blog entries and other general IT security-related stuff 2009/8/18 Kurt Buff <[email protected]> > eEye has a nice newsletter they send out. > > SANS has several newsletters, including newsbites, ouch and a couple of > others. > > if you can stand the noise, full-disclosure is worth it. > > securityfocus.com has lots of lists, including bugtraq, and some > summary stuff they send out occasionally. > > Dailydave is definitely worth it. > > On Mon, Aug 17, 2009 at 23:47, Benjamin Zachary - > Lists<[email protected]> wrote: > > > > > > On our new pci requirement they want the staff to be on some security > update > > lists. I went to cisecurity.org and sans.org and didn’t see anything > > special. I used to be on ntbugtraq and I suppose I could sign them up for > > the Microsoft ones (they are 100% MS shop), just wondering what else > people > > are following in these areas. > > > > > > > > Thanks > > > > > > > > > > > > > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > -- "On two occasions...I have been asked, 'Pray, Mr Babbage, if you put into the machine wrong figures, will the right answers come out?' I am not able rightly to apprehend the kind of confusion of ideas that could provoke such a question." http://raythestray.blogspot.com ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
