From the vulnerability management front, CVE-Checker is a FREE tool for *nix that may have reached a useful version. This is not a bullet-proof method and you will most likely have many false positives, but it is still better than nothing. Handy if you are running an uncommon or poorly security covered distribution.
CVE-Checker will scan your system to identify applications installed on your system, and monitor CVE databases for new records that match. It still requires some manual management, like identifying software versions, patches applied already, and the like.
Add it to your list of tools for small businss Vulnerability Management.