In my new job we just got a mandate to keep all third party apps (on all hosts
on the network) patched within 30 days.
But how? I know that Nessus has plug-ins for a lot of things, e.g. Adobe, but
we have a lot of high end engineering (design and modeling) apps and many of
those apps don’t even submit their newly-found vulnerabilities to the NIST
Nat’l Vuln Dbase. Some do of course, and maybe it is just these that I can go
But aside from pulling the RSS feed from NIST and then setting Outlook alerts
for about 150 application titles on the RSS feed.
Does anybody know if there exists an application or service for alerting on new