Hello all-

I just got done meeting with one of our security teams and the question has come up about Security Exploit Solutions Databases. We are using the ISS Network Scanner, along with NESSUS and are looking to test other scanners. The situation we run into is that the solutions that the scanners come back with, do not necessarily address the exploit. Specifically with HP-UX, so we are forced to further investigate and test solutions. I am wondering if anyone has found databases that explicitly explain solutions that work with specific *nix OS/OE.

We already work with:

Common Vulnerabilities and Exposures

CERT Coordination Center

X-Force Database

And specific to HP:

HP ITRC

I just want to make sure we are looking in the appropriate areas, and/or if there is a one-stop shop for these exploits.

Thanks in advance!