A few months ago, seventeen large organizations came together to
provide more timely and authoritative action information for people who
have to respond to new security vulnerabilities and new attacks. Every
Monday morning, the Critical Vulnerability Analysis (CVA) prioritizes
and summarizes the new vulnerabilities and automated attacks discovered
the previous week, and describes the actions taken by security
and systems managers at the large organizations (that are members
of the Council) to protect their computers and networks from the
automated attacks and from exploits of the reported vulnerabilities.
In general the CVA reduces the number of vulnerabilities you need to
consider by more than 80% and it does the research for you on what
remediation actions make sense.
The CVA is SANS most sought after digest, in part because its
mailing list is the one we use for Flash Alerts when the Internet
Storm Center or the FBI uncovers major attacks.