CERIAS
Center for Education and Research in Information Assurance and Security. University center for multidisciplinary research and education in areas of information security.
http://www.cerias.purdue.edu/

PatchManagement.org
Mailing list dedicated to the discussion of patch management.
http://www.patchmanagement.org/

Patchlink Corporation
Software vendor for cross platform patch management.
http://www.patchlink.com

PatchEasy
Software vendor for patch management.
http://www.patcheasy.com/

AusCERT
Australian Computer Emergency Response Team. Advisories and tools.
http://www.auscert.org.au

Bugtraq
Independent source for security vulnerabilities, alerts, and threats.
http://www.securityfocus.com/archive/1

ISS X-Force
Security alerts, advisories, and alert summaries from ISS.
http://xforce.iss.net/xforce/alerts

Makesecure.com
Network security news, alerts and updates
http://www.makesecure.com

PatchAdvisor
Fee based patch alert service.
http://www.patchadvisor.com

Secunia
Provides security advisories and information about patches, and provides software for vulnerability management.
http://secunia.com/

US-CERT
Established in 2003 to protect the nation's Internet infrastructure, US-CERT coordinates defense against and responses to cyber attacks across the nation.
http://www.us-cert.gov/

VulnWatch
Computer security vulnerability disclosure mailing list
http://www.vulnwatch.org/

Computer Incident Advisory Capability
CIAC publishes security bulletins and virus and hoax information. They provide computer security assistance to US Department of Energy (DOE) sites.
http://www.ciac.org/ciac/index.html

Patch Management Forum
Mailing list facilitates networking and information exchange related to patch management: announcements, testing, verification, operations processes, and vulnerabilities.
http://groups.yahoo.com/group/patchmgmt/

SecurityFocus: Bugtraq
Full disclosure computer security vulnerabilities feed.
http://www.securityfocus.com/rss/vulnerabilities.xml

Open Source Vulnerability Database
Searchable database of vulnerabilities. Offers data for download in XML format as well as via website. Details of how to submit new vulnerabilities, database schema and FAQ.
http://www.osvdb.org/

SANS Internet Storm Center
Cooperative cyber threat monitor and alert system. Features daily handler diaries that summarize and analyze new threats and events.
http://isc.sans.org/

Symantec DeepSight Threat Management System
Fee based security alert service that provides early warning of active attacks.
http://www.symantec.com/Products/enterprise?c=prodinfo&refId=988

Oracle Security Center
Tips, tools, and technologies to keep Oracle products safe, secure, and patched.
http://www.oracle.com/technology/deploy/security/index.html

Apache HTTP Server Vulnerability Lists
Lists of security problems fixed in released versions of the Apache HTTP Server.
http://httpd.apache.org/security_report.html

Secure Elements
Software vendor for IS technical control auditing, vulnerability management, and compliance. Provides advisories via XML and RSS, and fully supports OVAL and XCDDF XML standards for compliance and vulnerability functions.
http://www.secure-elements.com

CASESContact - tips and tricks
CASEScontact is an information security site providing tips and tricks for home users and SMEs (Small and Medium-Sized Enterprises) for FREE (How to protect against threats, vulnerabilities, privacy, encryption, viruses, worms, Trojans, spyware etc.).
http://casescontact.org/rss_tips.php

Secure Elements C5 Alert Feed
Vulnerability and patch alerts
http://rm.secure-elements.com/rss/seclabs.xml

Linux Security Group
Security Advisories, Anti Hackers, programming books and related links.
http://www.linux-security.us/

New Zealand Computer Emergency Readiness Team
Security Alerts and Advisories
http://www.nzcert.org.nz

FrSIRT
Provides security advisories and real-time information about vulnerabilities, exploits, and threats. Sponsor of the Common Vulnerability Scoring System (CVSS).
http://www.frsirt.com/english/