The theme for this year’s SecCon was “Building on a Foundation of Security.” The breadth of topics discussed that are relevant to being a trusted vendor and producing trustworthy products is quite significant. Naturally many of the discussions revolved around the Cisco Secure Development Lifecycle (CSDL), Cisco’s approach to building secure products and solutions. As Graham Holmes mentioned in a recent blog post, CSDL takes a layered approach, w…

Read More >>

Tags: cisco-seccon-2012, CSDL, Linux, product security, SecCon, security

What a week! From October 31-November 3, Cisco hosted its annual internal security event—SecCon 2011. Co-hosted by Greg Akers, SVP of Cisco’s Global Government Solutions Group and Ed Paradise, Vice President of Engineering, this marked the fourth year in which we shared the latest in product security practices, policies, processes, and thought leadership with employees who participated in live and virtual sessions around the world. We kicked-off…

Read More >>

Tags: common crypto, CSDL, product certifications, product security, public policy, Secure Development Lifecycle, security, trustworthy systems

Cisco SecCon 2012 brought together hundreds of engineers, live and virtually, from Cisco offices around the globe with one common goal: to share their knowledge and learn best practices about how to increase the overall security posture of Cisco products. It is amazing to see how many definitions the word “hack” has out on the Internet. Just look at Wikipedia: http://en.wikipedia.org/wiki/Hack. In short, the word “hack” d…

Read More >>

Tags: Cisco Security, cisco-seccon-2012, CSDL, intellishield, product security, psirt, SecCon, security, third party software

Over the past month, many of the Cisco Security Blog contributors have provided their view on Cybersecurity and its implications for customer network designs, architectures, protections, and services. These, in aggregate, stress what we all know: security is best achieved using a layered defense that includes securing endpoints, hosts, and network and services infrastructures. Cisco adds some unique layers to this defense, which stems from our e…

Read More >>

Tags: CSDL, cyber-security-month-2012, secure development, Secure Development Lifecycle

Having recently wrapped up the 5th Annual Cisco SecCon Conference, I’d like to take this opportunity to share with you what Cisco SecCon is and the benefits to our products and you, our customers. With that, let’s start with a brief overview! What is Cisco SecCon? SecCon is a security conference for Cisco engineers that focuses on two critical elements for a healthy corporate Security intelligence: 1) expansion of knowledge for all and 2) buildi…

Read More >>

Tags: Cisco Secure Development Lifecycle, Cisco Security, cisco-seccon-2012, CSDL, product security, SecCon, security