I like to keep up to date with what vulnerabilities are doing the rounds, what could affect me, and what my colleagues will be spending their time on.
Over time I've adopted a process that uses the New Nessus Plugins feed and the Newsblur application. As you may already be aware, I'm a fan of Nessus. The main reason is their openness when I've suggested plugins and their fast turnaround when I've requested updates to existing plugins.
Don't worry, this isn't a blog post about how I scan everything with Nessus to discover vulnerabilities. For one, my license doesn't allow me to scan the server this blog is hosted on, as it's a public IP address. This is a post about how I stay current with a good chunk of the vulnerabilities released each week, and also how I ignore those vulnerabilities that aren't relevant to me.
Google Reader is dead. Long live Newsblur!
I used to use Google Reader to manage my RSS feeds. I tried to consume the New Nessus Plugin feed but found that there was way too much going on in their feed for me to keep up, so I didn't keep it.
When Google announced that Reader was finally going to be shut down I tried a number of different replacement services. The main requirements for me were:
- Needs to be accessible in a web browser
- Needs to have an iOS app
- Needs to have an Android app
- All devices need to be in sync with what I've read.
It came down to a few contenders, but eventually I chose Newsblur 2-3 days before Google Reader shut down. It met all of my requirements and the service was continually being updated (and still is). I was happy, and I even paid Newsblur for the privilege of hosting my RSS feeds. There was a little feeling of 'I'm not going to be the product anymore' and 'this service is pretty cool, why not hand over a small amount of cash to keep Samuel and his dog Shiloh fed'.
Time to 'Train'
I'm not sure about you but I'm a bit of an electronic hoarder. My RSS feeds grow each week with one new article I liked leading to a whole new feed mysteriously appearing. I needed to take control of this, and discovered Newsblur's 'Train This Story' functionality.
Their training service allows me to like or dislike a post based on a number of aspects such as the author, the title, tags, the blog from which it comes, or the person who shared it. This training then helps identify (or even hide) future posts that match what I've liked or disliked. Initially I used this in my news feed to completely exclude sporting codes I'm not interested in.
How is Golf like Scientific Linux?
They're both post types that I've excluded from my feeds. I'll now get back to the original purpose of this post (though I am guessing that the above heading is a rare occurrence of that particular sentence, and will likely never be used again). So once I had the ability to better filter my RSS feeds, I re-added the New Nessus Plugin feed to Newsblur and started training it. As new posts appear I train the feed on the product named in the title, marking those I'm interested in (e.g. MS XML or Apple Quicktime) as liked and those I'm not interested in (e.g. Scientific Linux) as disliked.
Below is an example of me disliking openSUSE so that I won't see any future posts.
Now the plugin feed is tailored to the products I'm interested in and hides those I'm not, keeping me up to date with a good chunk of the current vulnerabilities.
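For anyone who wants the same effect without a hosted reader (or who wants to sanity-check what the training will hide before trusting it), the filtering described above boils down to keyword rules over item titles. The following is an added example, not Newsblur's or Tenable's code: it parses a constructed RSS 2.0 feed in the shape of a plugin feed (the item titles and links are invented for illustration and are not real plugin entries) and applies the same like/dislike lists named in this post.

```python
"""Local keyword filter that mimics Newsblur's 'Train This Story' over a
plugin-style RSS feed.  Added example; not Newsblur's or Tenable's code.
SAMPLE_FEED is constructed for illustration: the titles and links are
invented and do not correspond to real plugins."""
import re
import xml.etree.ElementTree as ET

# Constructed sample feed.  A feed fetched from the network should be parsed
# with defusedxml rather than the stdlib parser, since RSS is untrusted input.
SAMPLE_FEED = """<?xml version="1.0"?>
<rss version="2.0"><channel><title>Example Plugin Feed</title>
<item><title>MS XML Core Services Remote Code Execution</title><link>http://example.invalid/1</link></item>
<item><title>openSUSE Security Update : kernel</title><link>http://example.invalid/2</link></item>
<item><title>Scientific Linux Security Update : openssl</title><link>http://example.invalid/3</link></item>
<item><title>Apple QuickTime Multiple Vulnerabilities</title><link>http://example.invalid/4</link></item>
<item><title>Ubuntu 12.04 LTS : bind9 vulnerabilities</title><link>http://example.invalid/5</link></item>
</channel></rss>"""

# Training rules, taken from the products named in the post.
LIKED = ["MS XML", "Apple Quicktime"]
DISLIKED = ["Scientific Linux", "openSUSE"]


def _matches(title, terms):
    # Whole-word, case-insensitive match so that e.g. a rule for "SUSE" would
    # not silently hide "openSUSE" items, and "QuickTime"/"Quicktime" both hit.
    return any(re.search(r"\b" + re.escape(t) + r"\b", title, re.IGNORECASE)
               for t in terms)


def classify(title, liked=LIKED, disliked=DISLIKED):
    """Return 'liked', 'disliked' or 'neutral' for one item title.

    A dislike wins over a like: the point of the exercise is hiding noise,
    so an ambiguous title is hidden rather than surfaced."""
    if _matches(title, disliked):
        return "disliked"
    if _matches(title, liked):
        return "liked"
    return "neutral"


def filter_feed(xml_text, liked=LIKED, disliked=DISLIKED, hide_neutral=False):
    """Parse an RSS 2.0 document and split its items into (shown, hidden).

    Each list holds (title, link) tuples.  With hide_neutral=True only liked
    items are shown, which is the strictest form of the training."""
    root = ET.fromstring(xml_text)
    shown, hidden = [], []
    for item in root.iter("item"):
        title = (item.findtext("title") or "").strip()
        link = (item.findtext("link") or "").strip()
        verdict = classify(title, liked, disliked)
        if verdict == "disliked" or (hide_neutral and verdict == "neutral"):
            hidden.append((title, link))
        else:
            shown.append((title, link))
    return shown, hidden


if __name__ == "__main__":
    shown, hidden = filter_feed(SAMPLE_FEED)
    for title, link in shown:
        print("SHOW  ", title, link)
    for title, link in hidden:
        print("HIDDEN", title, link)
```

Running it against the sample prints the MS XML, Apple QuickTime and Ubuntu items as shown and the openSUSE and Scientific Linux items as hidden; passing `hide_neutral=True` drops the Ubuntu item too, which is the equivalent of only ever reading posts you have explicitly liked.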
Obviously Nessus doesn't cover every product and the feed isn't instantaneous, but for my personal devices and my curiosity it's more than enough. In an enterprise environment I'd be looking at the Open Source Vulnerability Database and its commercial license through Risk Based Security to get access to one of the most comprehensive vulnerability databases.