|
Several of the organizations I support have a need to track and preemptively upgrade/remove software before it becomes unsupported by the vendor (and thus lacking in security updates). As opposed to using vulnerability scanners that typically only notify you once software is already end of life, I created a list of software that was common to us with their upcoming EoL dates and applicable versions. In an effort to give back a bit to the community, I'm making that data public at the site below. If you have suggestions for software, please use the suggestions page on the site. http://www.upcomingeol.com |
SaltedSecurity 2 Posts |
| thread locked Quote Subscribe |
Jun 24th 2016 4 years ago |
|
SaltedSecurity, All too often organizations are surprised to learn they need to plan and budget for platform upgrades. Your website helps shine a light on the risk of unsupported software. As I am sure you know, some regulatory bodies specify that unsupported software can not be used and your website can help articulate that nicely. Thanks for supporting the ISC! Russell |
Russell 100 Posts ISC Handler |
| Thread locked. Quote |
Jun 24th 2016 4 years ago |
|
This is an excellent resource! I sincerely hope it can be maintained indefinitely. I have added it to my shortlist favorites bar simply because this site can provide a common piece of information I am regularly looking for when conducting security risk assessments. 5-Stars!!! Two Thumbs up!!! Standing Applause and Appreciation!!! If there is one thing I would recommend, it would be thinking about building the dark sister to the EOL database: A database of software that is already at EOL or out of support Basically a "walking dead" list of software that is no longer supported by vendors. (NOTE: if there is a such a resource out there already, please share) No doubt developing and maintaining that kind of resource would be a much larger undertaking, but often it is difficult to find information about software that is no longer supported, including when support ended. I have found situations where software was 10 years old and all documentation has evaporated from the net. Such a solution may need a vetting element to it to ensure the information provided is as accurate as possible. |
AlSitte 30 Posts |
| Thread locked. Quote |
Jun 28th 2016 4 years ago |
Sign Up for Free or Log In to start participating in the conversation!
