I am pleased to announce that the OASIS CSAF Common Vulnerability Reporting Framework (CVRF) Version 1.2 committee specification is now available. As covered in our previous blog posts, the purpose of the OASIS Common Security Advisory Framework
A few months ago, I wrote about the new OASIS Common Security Advisory Framework (CSAF) Technical Committee (TC). The purpose of the CSAF Technical Committee is to standardize the practices for structured machine-readable security
The Cisco PSIRT openVuln API is a RESTful API that allows customers to obtain Cisco security vulnerability information in different machine-consumable formats. It supports industrywide security standards such as the Common Vulnerability Reporting
During the last few years we have witnessed how the cyber security threat landscape has evolved. The emergence of the Internet of Things combined with recent events have profoundly changed how we protect our systems and people, and drive us to think
In October, we announced details about Cisco PSIRT’s new and improved security vulnerability disclosure format. Our Chief Security and Trust Officer, John Stewart, also revealed that Cisco will launch an application programming interface (API) that
Cisco is committed to protecting customers by sharing critical security-related information in different formats. Guided by customer feedback, Cisco’s Product Security Incident Response Team (PSIRT) is seeking ways to improve how we communicate
The Common Vulnerability Reporting Framework (CVRF) is a security automation standard intended to make your life easier by offering a common language to exchange traditional security and vulnerability bulletins, reports, and advisories. You can read
UPDATE: Webcast information is also now available at the Cisco Live 365 site Many network security administrators are struggling to keep their network “up-to-date” with the constant release of new vulnerabilities and software fixes. At the
In this article, you will be provided a thorough treatise on an in-house developed tool for parsing and validating CVRF documents aptly named "cvrfparse". The article is split into two parts. The first part, intended for CVRF document producers and
