Usually your system and network admins receive those themselves as part of either support contracts or simply by registering for the appropriate notification/mailing list. Perhaps these links will help you out as well:
http://cve.mitre.org/about/index.html http://cve.mitre.org/compatible/compatible.html http://nvd.nist.gov/ Kind regards / Vriendelijke groet, IS Group Thijs Stuurman Powered by results. Wielingenstraat 8 | T +31 (0)299 476 185 1441 ZR Purmerend | F +31 (0)299 476 288 http://www.is.nl | KvK Hoorn 36049256 IS Group is ISO 9001:2008, ISO/IEC 27001:2005, ISO 20.000-1:2005, ISAE 3402 en PCI DSS certified. -----Oorspronkelijk bericht----- Van: NANOG [mailto:nanog-boun...@nanog.org] Namens DjinnS C. Verzonden: Tuesday, May 13, 2014 12:02 PM Aan: nanog@nanog.org Onderwerp: CERT and ISO 27001 Hi, I'm searching a service/company doing continuos review of security alerts for various tools, software and hardware (Apache, PHP, Cisco IOS, Juniper JunOS, Netapp Ontap, etc ...). I think the right way is to use a CERT offering commercial services with daily notifications about a list of specifics choosen subjects. I found some companies with a commercial CERT offering this services: Lexsi, XMCO, Intrinsec. Do you know or use a service link this ? We need this for our implementation of ISO 27001 standard. Thank you in advance. Regards, -- Guillaume
