If you run an external site using SharePoint 2007 / 2010 that is non-commercial (your blog, a community site, etc.) you can now sign up for the ARB SharePoint Security Assurance program for free. This will allow you to offload any platform level security issues ensuring you recieve prompt notification of problems with your environment before they become an issue.
Navigate to here, scroll down to the bottom of the page where the SharePoint Security Assurance For Blogs / Community Sites is listed. All you need to provide is a name, email (which is used later for distributing notifications), and a URL. After signing up, you will recieve a download link with 24 hours with the Security Assurance WebPart (which while being helpful as a display mechanism is crucial for the brokering between the scanning arrays and your farm) which will need to be deployed to your environment.