Hi all,
is https://vulnerability.isc2.org/ down? All I have been getting when I have been checking for days is HTTP 503 error - or have they killed a very useful benefit of CISSP membership?
KR,
Wayne
Confirmed it is down. I have heard nothing about this being discontinued.
@AndreaMoore might know the right team to check with.
John-
Hi Wayne, Vulnerability Central was discontinued as an ISC2 member benefit as of December 31, 2023. If you are interested in continuing to receive Vulnerability Central's list of timely, curated security notifications as a direct service, contact dabbondanzio@cytenna.com for more information.
I received an email from Cytenna on November 21 of last year, which announced they would end service to ISC2 members on 12-31-2023. I was a long-time subscriber of this service from my "feral, early days" in cybersecurity. The alerts I received were poorly assembled at best, and glacially slow at worst. Cytenna may have been a source, but it was a pitiful source.
Now that I've participated with ISACs, the Center for Internet Security , SANS (both @risk and Internet Storm Center), and CISA, plus less official channels like VXUnderground on Twitter (sorry, no linky!), there's a big difference between their raw, effective alerting structure, and Cytenna's ancillary, meandering reports.
I'm still feral, though.
(my opinion is my own. edited to add CISA)
@isc2jade You might consider adding a placeholder page that informs people that it is not longer offered and direct them to other options...
John-
@ericgeater wrote:Now that I've participated with ISACs, the Center for Internet Security , SANS (both @risk and Internet Storm Center),
I would consider SANS Internet Storm Center the best source, in particular the morning podcasts with Johannes Ullrich. Like you, I found Cytenna quite lacking - I mean their current current HTTPS cert is expired. This industry is full of snakeoil.
I must have missed the memo about the discontinued benefit - Thank you for confirming @isc2jade that it is no longer available.
@ericgeater Yes there are some great sources there that you list - I will adapt my TTPs (tactics, Techniques & procedures)
Have great day all 🙂
There's another consideration which would follow your hardware technical debt: do you currently have channels to advisories from their manufacturers? If you have Megusta backup appliances, Sinsalpor network devices, Nolacara server systems, or Bromatonta cellular infrastructure, have you subscribed to any alert notification systems those companies may have available?
Not that companies always do a better job of disseminating alerts which address their own equipment, but that's what you pay for support for, in my mind's eye.