When I was little, my father kept our family car in tip-top shape. He overhauled brakes, rebuilt engines, tuned carburetors, and swapped out suspensions. He could do just about anything, and he knew every component, inside and out.
From an early age, I enjoyed “helping” my father whenever there was a chance. I handed him wrenches, brought him cool glasses of water on hot summer days, and held the flashlight when the repairs went late into the night. Perhaps he could have managed without my help, but we both enjoyed our time together. Even more importantly, I learned from an early age how a little help could make a big difference.
At Cisco, we believe in the power of people helping people. We believe everyone could use a little help sometimes to save time, energy, and to get the most out of what they already have. We may not have a cool glass of water to offer, but we can hand you a useful tool or two while you’re working “under the hood” of your network. This is why we created Cisco Active Advisor.
Read More »
Tags: best practices, cisco active advisor, Cisco PSIRT, Cisco Verified Design, free, lifecycle management, network inventory
Cisco is committed to protecting customers by sharing critical security-related information in different formats. Guided by customer feedback, Cisco’s Product Security Incident Response Team (PSIRT) is seeking ways to improve how we communicate information about Cisco product vulnerabilities to our Customers and Partners. As John Stewart mentioned on his blog post, the Cisco PSIRT has launched a new and improved security vulnerability disclosure format. The new Cisco Security Advisories can be accessed at http://www.cisco.com/go/psirt and at http://cisco.com/security
The intent is to make it easier for Customers and Partners to access information about all security vulnerabilities in Cisco products. Each vulnerability disclosed through our new security advisories are assigned a Common Vulnerability and Exposures (CVE) identifier to aid in identification. Additionally, Cisco will continue to assess all vulnerabilities using the Common Vulnerability Scoring System (CVSS). Check out the sites for CVE, CVSS, and this CVSS scoring calculator if these terms are relatively new to you or you simply need a refresher.
Read More »
Tags: Cisco PSIRT, cvrf, Open Vulnerability and Assessment Language (OVAL), OVAL, psirt, security advisories, security automation, vulnerabilities, vulnerability disclosure, vulnerability management
Who doesn’t enjoy a vacation? And not just one day, but – four!
What if there were a cloud service that saved you so much time, you could actually send all of London’s working population on a 4-day vacation?
Well, that’s exactly what Cisco Active Advisor does – save you time and money so you can do just that! Read Pradeep’s post to find out how – Introducing Cisco Active Advisor – A Free Cisco Tool for Your Network.
But more on that later… Read More »
Tags: caa, cisco active advisor, Cisco PSIRT, Cisco Verified Design, CVD, End of Life, lifecycle, network discovery, network maintenance, network management
Today, we released the final Cisco IOS Software Security Advisory Bundled Publication of 2014. Six years ago, Cisco committed to disclosing IOS vulnerabilities on a predictable schedule (on the fourth Wednesday of March and September each calendar year) in direct response to your feedback. We know this timeline allows your organization to plan and help ensure resources are available to analyze, test, and remediate vulnerabilities in your environments.
Today’s edition of the Cisco IOS Software Security Advisory Bundled Publication includes six advisories that affect the following technologies:
- Resource Reservation Protocol (RSVP)
- Multicast Domain Name System (mDNS)
- Session Initiation Protocol (SIP)
- DHCP version 6 (DHCPv6)
- Network Address Translation (NAT)
Read More »
Tags: Cisco IOS software, Cisco IOS Software Checker, Cisco PSIRT, Cisco Security, psirt, security advisories, vulnerabilities
Ed Paradise, Vice President of Engineering for Cisco’s Threat Response, Intelligence and Development Group
Much has been made of the industry-wide Heartbleed vulnerability and its potential exploitation. Cisco was among the first companies to release a customer Security Advisory when the vulnerability became public, and is now one of many offering mitigation advice.
Those dealing with this issue on a day-to-day basis know it’s not enough to just patch the OpenSSL software library. Organizations also need to revoke and reissue digital certificates for their Heartbleed-vulnerable sites. If your certificates were stored in a Trust Anchor Module (TAM), they are still safe. Otherwise, a few additional steps should be taken to ensure you and your customers are secure:
Read More »
Tags: Cisco PSIRT, Cisco Security, Heartbleed, OpenSSL, psirt, security