Cisco SecCon 2012 brought together hundreds of engineers, live and virtually, from Cisco offices around the globe with one common goal: to share their knowledge and learn best practices about how to increase the overall security posture of Cisco products.
It is amazing to see how many definitions the word “hack” has out on the Internet. Just look at Wikipedia: http://en.wikipedia.org/wiki/Hack. In short, the word “hack” does not always mean a “bad” or “malicious” action.
I’ve had the opportunity and honor to present at SecCon several times, 2012 being my fourth year. My session this year was titled “Cisco PSIRT Vulnerability Analysis: What Has Changed Since Last SecCon”. As you probably already know (or might have guessed), I’m part of Cisco’s Product Security Incident Response Team (PSIRT). During my talk I went over an analysis of the vulnerabilities that were discovered, driven to resolution, and disclosed during this past year, as well as lessons learned from them. I also highlighted several key accomplishments Cisco has achieved during the last few years. For example, Cisco now has the ability to correlate and patch third-party software vulnerabilities. Additionally, we have grown Cisco’s Secure Development Lifecycle (CSDL) into a robust, repeatable and measurable process. As Graham Holmes mentioned in a recent blog post:
Our development processes leverage product security baseline requirements, threat modeling in design or static analysis and fuzzing in validation, and registration of third-party software to better address vulnerabilities when they are disclosed. In the innermost layer of our products, security is built-in to devices in both silicon and software. The use of runtime assurance and protection capabilities such as Address Space Layout Randomization (ASLR), Object Size Checking, and execution space protections coupled with secure boot, image signing, and common crypto modules are leading to even more resilient products in an increasingly threatening environment. Read More »
Having recently wrapped up the 5th Annual Cisco SecCon Conference, I’d like to take this opportunity to share with you what Cisco SecCon is and the benefits to our products and you, our customers. With that, let’s start with a brief overview!
What is Cisco SecCon?
SecCon is a security conference for Cisco engineers that focuses on two critical elements for a healthy corporate Security intelligence: 1) expansion of knowledge for all and 2) building a sense of community. We allocate two days for intensive hands-on security training, and then we provide two general session days to discuss a variety of security topics including:
According to a Nielsen study, social media is no longer in its infancy. No kidding.
During the November military confrontation between Israel and Hamas, social media played a very grown-up role. What distinguished it from past politically-charged social media exchanges was the participation of state and pseudo-state spokespersons. Official announcements were issued by the Israeli Defense Forces (IDF) and Hamas’ Al-Qassam Brigade via Twitter and Facebook in near real-time.
The IDF announced the initiation of the military campaign via Twitter, and tweeted in caps that it had “ELIMINATED” Hamas military commander Ahmed Jabari in an airstrike.
The Brigade responded with threats of retaliation; both sides posted minute-by-minute updates as the fighting unfolded.
The evolution of social media into an official communications venue should come as no surprise. It follows a time-honored pattern of disruptive ideas and technologies gaining acceptability as they move into the mainstream. The Nielsen Social Media 2012 study tells us that 30 percent of individuals’ mobile device time is spent accessing social media. That qualifies as mainstream.
BayThreat 2012, the third annual information security conference in the South Bay of San Francisco, will be held December 7–8 at The Firehouse Brewery in downtown Sunnyvale, Calif. This technical conference is well attended by security professionals from the top technology companies in the South Bay. Randy Ivener and Joe Karpenko, security specialists from Cisco Systems, will present “Network Threat Defense”at 10 a.m. Saturday at the conference.
Botnets, worms, and denial of service (DoS) attacks increasingly threaten the availability of every network, yet few network engineers realize the security benefits of leveraging network infrastructure to handle these attacks. “Network Threat Defense” will address how to build a more secure infrastructure and how to leverage inherent network features, such as NetFlow, to provide a full range of attack handling mechanisms. During the presentation, Ivener and Karpenko will briefly cover the following fundamental network security topics:
The Cisco Security Intelligence Operations (SIO) Portal has matured over the past several years, and I’d like to highlight this change from the portal’s development to its evolving stages. I’ll also share the latest features on the portal and invite you tell us what you think about the portal through your choice of a survey or feedback function.
The SIO portal is Cisco’s primary outlet for security intelligence and the public home to our threat and vulnerability content. You can check out the portal here http://www.cisco.com/security.