Tech Tip: Staying up to date with security vulnerabilities

Chris McAndrew, the tech lead for anything to do with hacking at Azzurri, says it is important to stay up to date with security vulnerabilities.

Why?

Mainly, to protect yourself, your company and your customers. If you do not stay up to date on security vulnerabilities you may be installing equipment with known issues then if you are lucky your customer will fail a penetration test, if you are less lucky they will fail a compliance test or maybe get hacked – or both and usually the first word uttered by the customer is ‘compensation’.

If you do stay up to date the correct patches can be applied, in a timely fashion, and everyone, hopefully, stays happy.

Where are these security advisories kept?

On the internet, there are many sites;

Common Vulnerabilities and Exploits – http://cve.mitre.org/

National Vulnerability Data Base – http://nvd.nist.gov/

BugTraq – http://www.securityfocus.com/

Open Source Vulnerability Data Base – http://osvdb.org

United States Computer Emergency Readiness Team- http://www.kb.cert.org/vuls/

IBM Internet Security Systems – http://xforce.iss.net/

SANS – http://www.sans.org/

To name but a few and all you have to do is to monitor them and sort the wheat from the chaff. On an average week I will receive approximately 1200 notifications of which, usually, less than a dozen will be telecom related.

The following two tabs change content below.

admin

Lorem ipsum dolor sit amet, consectetur adipiscing elit. Nam dignissim magna vitae dui posuere eu feugiat augue eleifend. Fusce sed tincidunt quam. Donec varius aliquam metus ut semper. Donec augue purus, feugiat interdum malesuada vel, aliquet quis massa. Nulla facilisi. Nam vel ante quam, et tincidunt dui. Maecenas venenatis libero eu nulla tincidunt et accumsan velit sodales. Nam congue mauris et felis porttitor blandit. Nam eget tempor massa. Nullam suscipit gravida eros, ac suscipit magna feugiat sit amet.

Latest posts by admin (see all)