Avatar

Omar Santos

Distinguished Engineer

Cisco Product Security Incident Response Team (PSIRT) Security Research and Operations

Omar Santos is a Distinguished Engineer at Cisco focusing on artificial intelligence (AI) security, cybersecurity research, incident response, and vulnerability disclosure. He is a board member of the OASIS Open standards organization and the founder of OpenEoX. Omar's collaborative efforts extend to numerous organizations, including the Forum of Incident Response and Security Teams (FIRST) and the Industry Consortium for Advancement of Security on the Internet (ICASI). Omar is the co-chair of the FIRST PSIRT Special Interest Group (SIG). Omar is the lead of the DEF CON Red Team Village and the chair of the Common Security Advisory Framework (CSAF) technical committee. Omar is the author of over 25 books, 21 video courses, and over 50 academic research papers. Omar is a renowned expert in ethical hacking, vulnerability research, incident response, and AI security. He employs his deep understanding of these disciplines to help organizations stay ahead of emerging threats. His dedication to cybersecurity has made a significant impact on technology standards, businesses, academic institutions, government agencies, and other entities striving to improve their cybersecurity programs. Prior to Cisco, Omar served in the United States Marines focusing on the deployment, testing, and maintenance of Command, Control, Communications, Computer and Intelligence (C4I) systems.

Articles

December 18, 2023

SECURITY

Securing AI: Navigating the Complex Landscape of Models, Fine-Tuning, and RAG

7 min read

Bad actors leverage AI, escalating the complexity and scale of threats. We need robust security measures and proper monitoring in developing, fine-tuning, and deploying AI models.

August 24, 2023

SECURITY

Akira Ransomware Targeting VPNs without Multi-Factor Authentication

4 min read

Cisco has observed instances where threat actors appear to be targeting organizations that do not configure multi-factor authentication for their VPN users. This highlights the importance of enabling multi-factor authentication (MFA) in VPN implementations.

April 18, 2023

SECURITY

Threat Actors Exploiting SNMP Vulnerabilities in Cisco Routers

2 min read

Recent reports and threat intelligence indicate that cyber attackers are exploiting vulnerabilities in legacy Cisco routers and switches that have not been properly upgraded, configured, or updated with the latest software.

March 15, 2022

SECURITY

Cyber Actors Bypassing Two-Factor Authentication Implementations

2 min read

A recent FBI flash bulletin described how cyber actors were able to use the PrintNightmare vulnerability (CVE-2021-34527) and bypass Duo 2FA to compromise an unpatched Windows machine and gain administrative privileges. This did NOT leverage or reveal a vulnerability in Duo.

April 29, 2019

SECURITY

The PSIRT Services Framework: Helping the Industry Protect the Ecosystem

3 min read

At Cisco, our leadership made the decision over twenty four years ago that we would clearly publicly communicate security vulnerabilities or other issues that could potentially expose customers to risk....

April 22, 2019

SECURITY

Insights About the Global Internet Routing Table Reaching the 768k Milestone

2 min read

Back in 2014, I wrote an article that highlighted that global Internet routing table passed the 512,000 or 512k route mark. Today we know that another significant milestone has been...

November 14, 2018

SECURITY

Celebrating the 100th Anniversary of Veterans Day Serving Those Who Served

2 min read

This week marks the 100th Anniversary of Armistice Day and Veterans Day.  With veterans top of mind, Cisco today announced the expansion of CyberVetsUSA, a free cybersecurity training program...

June 22, 2018

SECURITY

Cisco PSIRT Notice About Public Exploitation of the Cisco ASA Web Services Denial of Service Vulnerability

1 min read

With the security of our customers' networks being a top priority, we're actively raising awareness of a vulnerability affecting Cisco ASA Software and Cisco Firepower Threat Defense (FTD) Software.

February 5, 2018

SECURITY

Understanding the Attack Vectors of CVE-2018-0101 – Cisco ASA Remote Code Execution and Denial of Service Vulnerabilit …

4 min read

On January 29, 2018, the Cisco PSIRT published a security advisory about a remote code execution and denial of service vulnerability affecting the Cisco ASA and Cisco Next-Generation Firewall platforms.