infosec

March 2, 2021

SECURITY

Canadian Bacon – Zero to Hero when it comes to Zero-Trust

5 min read

Zero-Trust means a lot of different things to a lot of different people but we can all agree that zero-trust means exactly that! We will focus on a use case to define an approach we can take to determine the capabilities required to achieve zero-trust.

January 15, 2020

SECURITY

Disk Image Deception

11 min read

Cisco's Computer Security Incident Response Team (CSIRT) detected a large and ongoing malspam campaign leveraging the .IMG file extension to bypass automated malware analysis tools and infect machines with a variety of Remote Access Trojans. During our investigation, we observed multiple tactics, techniques, and procedures (TTPs) that defenders can monitor for in their environments. Our incident response and security monitoring team's analysis on a suspicious phishing attack uncovered some helpful improvements in our detection capabilities and timing.

August 16, 2018

PERSPECTIVES

Infosec Fun, Fear, and Fables with Denise Fishburne a Cisco Champion Radio Podcast (S5|Ep.19)

1 min read

In this episode of Cisco Champion Radio, Cisco Champion hosts Tony Cuevas and Steve Kostyk talk all things InfoSec Fun, Fear, and Fables with Fish Fishburne.

April 30, 2018

SECURITY

DevSecOps: Lessons Learned

4 min read

Adoption of DevSecOps and the security improvements thereof has been quite impressive and has exceeded our own initial expectations. 

November 10, 2015

DIGITAL TRANSFORMATION

Join our IoT System Security Webinar

1 min read

Connecting more things in more places creates new security challenges. Please join us on November 17, 2015 at 8:00AM (PST) for the IoT System Security webinar and learn how to secure and control IoT with the Cisco IoT System Security. In this webinar you will hear how the IoT System Security product portfolio delivers secure […]

May 5, 2014

SECURITY

IE Zero Day – Managed Services Protection

1 min read

As of May 1, 2014, we can confirm Cisco customers have been targets of this attack. For the latest coverage information and additional details see our new post on the VRT blog. Protecting company critical assets is a continuing challenge under normal threat conditions. The disclosure of zero-day exploits only makes the job of IT […]

April 17, 2014

DATA CENTER

Bring Your Own Service: Why It Needs to be on InfoSec’s Radar

4 min read

Security concerns around cloud adoption can keep many IT and business leaders up at night. This blog series examines how organizations can take control of their cloud strategies. The first blog of this series discussing the role of data security in the cloud can be found here. The second blog of this series highlighting drivers […]

December 3, 2013

SECURITY

Operational Security Intelligence

7 min read

Security intelligence, threat intelligence, cyber threat intelligence, or “intel” for short is a popular topic these days in the Infosec world. It seems everyone has a feed of “bad” IP addresses and hostnames they want to sell you, or share. This is an encouraging trend in that it indicates the security industry is attempting to […]

December 2, 2013

SECURITY

Where’s Our Grace?

2 min read

Every year in Scottsdale, Arizona, there’s a unique Information Security conference created by Joyce Brocaglia at ALTA, supported by a who’s who of InfoSec companies like Cisco, RSA, and Symantec, and attended by hundreds of some of the brightest people I’ve ever met. It’s no coincidence that they are all women because this is the […]