We introduced OpenAppID in early 2014 with the goal of empowering customers and the open source community to control application usage in their network environments. Since then, we have increased our coverage from 1,000 OpenAppID detectors to more than 2,600, and have received valuable feedback from the community on ways to improve the product.
The case of having an open, application-focused detection language and processing module for Snort has attracted the attention of the Internet of Everything (IoE) world. There are countless devices out there using the Internet on their own, varying from a remote IP-based camera to an industrial-based sensor, which may include some security features.
With the combination of OpenAppID and Snort we are giving the capability to the open source community to create their own application-based protocols and classifications, which can be used to
Tags: IoE, IPS, open source, OpenAppID, security, Snort, Sourcefire
Ponemon Institute called 2014 the year of the “Mega Breaches,” which will be remembered for its series of mega security breaches and attacks. These “Mega Breaches” are perfect examples of what is commonly known as Advanced Persistent Threats (APTs). The Ponemon Institute survey asked, among many questions, “When was the breach discovered?” Surprisingly, the results revealed that ONLY 2% of the respondents in the survey discovered their breach within one week after the incident and a staggering 90% were six months or longer, if at all.
Tags: data breach, design guide, Lancope, NGIPS, threat defense
Organizations today have no shortage of challenges when it comes to cyber security and their growing IT infrastructure. Not only are the frequency and sophistication of malware attacks on the rise, but with the proliferation of mobility, BYOD, IoT, and cloud services, the number of entry points an attacker has into the network grows exponentially with them.
Given this landscape we know the most effective way to address these threats is with security offering continuous analysis and retrospective protection that extends across all attack vectors in the extended network. With AMP Everywhere, security is just as pervasive as today’s advanced threats, and thanks to continuous analysis and retrospective protection, our customers gain reduced time to detection.
For the second year in a row, we have third-party validation from NSS Labs that we provide the most effective security available in the market today. Cisco Advanced Malware Protection (AMP) was tested along with seven other vendors and achieved a 99.2% security effectiveness score – the highest of all vendors tested in the 2015 NSS Labs Security Value Map (SVM) for Breach Detection Systems. What I find most interesting and rather disappointing in these results is that Cisco is the only vendor in the test to successfully handle all evasion attempts.
Tags: Advanced Malware Protection, AMP, breach detection test, malware, nss labs, Product Analysis Report, Security Value Map, SVM
The well-known Quarry Worker’s Creed, called out in prefaces to books such as “The Pragmatic Programmer” and “Ship While you Sleep”, posits the notion of IT done right as more than simple engineering discipline – good software development, for example, should not “preclude individual craftsmanship”. Drawing parallels to the construction of large cathedrals built in Europe during the Middle Ages, the quarry worker’s creed points out that while generations of builders advanced the state of structural engineering from one decade to the next, the “…carpenters, stonecutters, carvers, and glass workers were all craftspeople, interpreting the engineering requirements to produce a whole that transcended the purely mechanical side of the construction”.
We who cut mere stones must always be envisioning cathedrals, says the Quarry Worker’s Creed, and as companies, cities and countries lean on their IT teams to enable the transformation to digital business, the talented men and women that work in technology are not just builders: they are increasingly artisans and craftsmen – experts in the tools of the trade and also nuanced in navigating the vicissitudes that present themselves in the quest to build and secure the technology that powers the next wave of innovation and growth.
Cybersecurity teams in particular have their hands full today. On one hand there are all the new advances that we often can’t get fast enough: crowd-funded financial services, online education, virtual booking for work spaces, driverless cars – to name just a few. All of these need security to be conceptualized and built in from the beginning (or not, to our peril). On the other hand, their adversaries, the often-elusive hackers, are increasingly sophisticated actors who design malware, tweak code and inject vulnerabilities with the same flair and passion as a renaissance architect.
Tags: 2015 midyear security report, Cisco Midyear Security Report, MSR, security, services
After several months leading the managed security services portfolio at Cisco, I sat down with the social media team to discuss my path to Cisco, the evolution of the security market, and the future of security. [Note: This is an abridged version of the full interview.]
Q: After nearly 20 years at Symantec, why did you decide to move to Cisco?
TP: Cisco has all of the pieces necessary to solve the biggest security problems facing businesses today and into the future. Cisco’s position in the network, its broad security product portfolio, its strong and continued investment in security, and its pivot toward driving business outcomes and solving customer problems place this company in a unique position to lead the charge toward the next generation of security. As a part of a company that builds the cloud, mobility, collaboration, and Internet of Everything technologies driving change in the security market, we have a unique opportunity to proactively build security services that enable the secure adoption of these innovations. Our ability to integrate with networking technologies and all types of connected devices allows us to feed huge amounts of data from across an entire customer network into our big data platform for detecting, investigating, and analyzing threats. I’m eager to take what I’ve learned throughout 19 years in security and put that knowledge and experience to work in building up Cisco’s resources into a next-level suite of solutions.
Tags: analytics, Big Data, Cisco Security Solutions, managed security, network security, security, SIEM