Avatar

Omar Santos

Distinguished Engineer

Cisco Product Security Incident Response Team (PSIRT) Security Research and Operations

Omar Santos is a Distinguished Engineer at Cisco focusing on artificial intelligence (AI) security, cybersecurity research, incident response, and vulnerability disclosure. He is a board member of the OASIS Open standards organization and the founder of OpenEoX. Omar's collaborative efforts extend to numerous organizations, including the Forum of Incident Response and Security Teams (FIRST) and the Industry Consortium for Advancement of Security on the Internet (ICASI). Omar is the co-chair of the FIRST PSIRT Special Interest Group (SIG). Omar is the lead of the DEF CON Red Team Village and the chair of the Common Security Advisory Framework (CSAF) technical committee. Omar is the author of over 25 books, 21 video courses, and over 50 academic research papers. Omar is a renowned expert in ethical hacking, vulnerability research, incident response, and AI security. He employs his deep understanding of these disciplines to help organizations stay ahead of emerging threats. His dedication to cybersecurity has made a significant impact on technology standards, businesses, academic institutions, government agencies, and other entities striving to improve their cybersecurity programs. Prior to Cisco, Omar served in the United States Marines focusing on the deployment, testing, and maintenance of Command, Control, Communications, Computer and Intelligence (C4I) systems.

Articles

October 10, 2024

3

SECURITY

Introducing Cisco’s AI Security Best Practice Portal

2 min read

Cisco's AI Security Portal contains resources to help you secure your AI implementation, whether you're a seasoned professional or new to the field.

July 18, 2024

14

SECURITY

Introducing the Coalition for Secure AI (CoSAI)

2 min read

Announcing the launch of the Coalition for Secure AI (CoSAI) to help securely build, deploy, and operate AI systems to mitigate AI-specific security risks.

June 21, 2024

2

SECURITY

Enhancing AI Security Incident Response Through Collaborative Exercises

2 min read

Take-aways from a tabletop exercise led by CISA's Joint Cyber Defense Collaborative (JCDC), which brought together government and industry leaders to enhance our collective ability to respond to AI-related security incidents.

May 31, 2024

2

SECURITY

Introducing the Open Supply-Chain Information Modeling (OSIM) Technical Committee

4 min read

OSIM is a great advancement towards a more secure and resilient supply chain ecosystem.

March 26, 2024

LEARNING

Securing the LLM Stack

7 min read

Learn how to secure the LLM stack, which is essential to protecting data and preserving user trust, as well as ensuring the operational integrity, reliability, and ethical use of these powerful AI models.

December 18, 2023

1

SECURITY

Securing AI: Navigating the Complex Landscape of Models, Fine-Tuning, and RAG

7 min read

Bad actors leverage AI, escalating the complexity and scale of threats. We need robust security measures and proper monitoring in developing, fine-tuning, and deploying AI models.

August 24, 2023

9

SECURITY

Akira Ransomware Targeting VPNs without Multi-Factor Authentication

4 min read

Cisco has observed instances where threat actors appear to be targeting organizations that do not configure multi-factor authentication for their VPN users. This highlights the importance of enabling multi-factor authentication (MFA) in VPN implementations.

April 18, 2023

29

SECURITY

Threat Actors Exploiting SNMP Vulnerabilities in Cisco Routers

2 min read

Recent reports and threat intelligence indicate that cyber attackers are exploiting vulnerabilities in legacy Cisco routers and switches that have not been properly upgraded, configured, or updated with the latest software.

March 15, 2022

1

SECURITY

Cyber Actors Bypassing Two-Factor Authentication Implementations

2 min read

A recent FBI flash bulletin described how cyber actors were able to use the PrintNightmare vulnerability (CVE-2021-34527) and bypass Duo 2FA to compromise an unpatched Windows machine and gain administrative privileges. This did NOT leverage or reveal a vulnerability in Duo.