Cisco Blogs


Cisco Blog > Security

Reducing the Attack Surface: Takeaways from the 2015 Annual Security Report

As the Cisco 2015 Annual Security Report shows, current security approaches aren’t sufficient. Attackers are shifting methods and becoming more sophisticated in their approaches, users are unwittingly complicit enablers, and defenders struggle to keep up with all of these things. It is time for defenders to take a different approach to security that not only outwits attackers but also makes security a competitive advantage that enables business growth.

By taking a threat-centric and operational approach to security, organizations can reduce complexity and fragmentation, while providing superior visibility, continuous control, and advanced threat protection across the extended network and the entire attack continuum.

Using Cisco technology, this approach is enabled by broad visibility for superior intelligence across the extended network, where all the solutions a customer deploys communicate with each other. Organizations using siloed solutions will have holes in their security. Siloed solutions do not provide full protection since they do not communicate with one another, thus leaving security gaps and the inability to create actionable intelligence.

Cisco can provide a holistic solution to this problem by reducing the attack surface and extending protection across the network – before, during and after attacks.

Read More »

Tags: , , , , , ,

Secure Remote Access During Holidays

In many parts of the world there was a holiday period and celebration of the New Year, and it reminds me that the world has holiday periods all year round. What happens to your remote access demands during holidays? One would think that being on holiday means no one needs access to corporate resources, correct? Sometimes I really wish that were true. Sadly, that has not always been the case even for me. As an example or two, maybe you can relate to the people below or know someone like this:

Read More »

Tags: , , , ,

Flash 0-day Exploited by Angler Exploit Kit

This post was authored by Nick Biasini, Earl Carter and Jaeson Schultz

Flash has long been a favorite target among Exploit Kits (EK). In October 2014 the Angler EK was believed to be targeting a new Flash vulnerability. The bug that the Angler exploit kit was attempting to exploit had been “accidentally” patched by Adobe’s APSB14-22 update. According to F-Secure, the vulnerability that Angler was actually attempting to exploit was an entirely new bug, CVE-2014-8439. The bug was severe enough that Adobe fixed it out-of-band.

Fast forward to January 2015. With the emergence of this new Flash 0-day bug, we have more evidence that the Angler Exploit Kit developers are actively working on discovering fresh bugs in Flash for themselves. The group is incorporating these exploits into the Angler EK *before* the bugs are publicized. Considering these 0-day exploits are being used alongside one of Angler’s preferred methods of distribution, malvertising, thus intensifying the potential for large-scale compromise. Read More »

Tags: , , , ,

More Than Just a Pretty Dashboard – Cisco ISE and Splunk Turn Event Data Analysis into Action

Previous blogs in this series, both by Splunk and Cisco, detail how Cisco Identity Services Engine (ISE) can be used to drive enhanced event visibility in Splunk.

Splunk is a machine data platform that allows you to search, report, alert, and visualize any data that it ingests. Cisco ISE brings an added dimension to analyzing all this data; it attaches key contextual data (for example, username, location, network policy status) to events and data analyzed by Splunk. The Splunk for ISE app, a free download from Splunk, comes with a number of built-in dashboards to correlate this machine data with user information and create customizable dashboards and reports.

However, this integration doesn’t just create pretty dashboards – it turns event analysis into action. Read More »

Tags: , , , ,

Why Isn’t It Easier to Customize Enterprise Mobility and Guest Portals?

Enterprises use Cisco ISE for securely granting access to visitors and on-boarding employee-owned devices over Wi-Fi. Portals for users to gain access are becoming more advanced, and the next step is for most customers to create a richer customized experience to:

Promote your brand to guests

AP_blog_1

Read More »

Tags: , , ,