Cisco Blogs


Cisco Blog > Security

Death, Taxes, and Vulnerability Scanners

When talking about vulnerabilities, the Cisco PSIRT has probably seen it all. Vulnerabilities that can be exploited over the network, vulnerabilities that need local access, and vulnerabilities that need physical access. Vulnerabilities that affect integrity, confidentiality, and availability. Vulnerabilities at the operating system level, at the application level, or at the protocol level. Hands down, the most time consuming and complex to handle are those involving a protocol – we need to investigate each and every Cisco product that implements the affected protocol. And if the vulnerability is in, say, IPv4… the investigation will require significant time and resources.

But there is one kind of report that makes the heart of any PSIRT Incident Manager sink – an email from a customer asking “How do I fix these vulnerabilities?”. And attached to the email – a report from a vulnerability scanner.

Read More »

Tags: ,

PCI Compliance Made Simple

ID Please?

Many have argued that the PCI DSS, Payment Card Industry Data Security Standard is too complex to be realistic in a real-world environment. Cisco takes the opposite stance maintaining that the principles and security standards contained within the documentation should actually be considered a minimum. The true challenge being not in the implementation but in the ongoing management – the maintenance if you will.

This show promises to layout a simplified view of the standard with real-world, practical advice where anyone can find exactly how they would apply their unique situation. We have pulled out all the stops with our story-telling and top notch guests as we have members of the standards board, networking experts and certifies QSA auditors joining us.

PCI. It’s not just for Breakfast

It’s amazing how many networks fall into the “compliance required” category.  For PCI it only takes one credit card transaction to be at risk…but rather than focus on the negativity of the required audit – this topic and the maturity of the standard is actually good for ANYONE interested in protecting their data.  You may have the typically binary response as to whether this show applies to you…but I think you need to give it a go.  You may be surprised….the show and the Shownotes are after the jump.

Read More »

Tags: , , , , , , ,

SNMP MIB Changes Related to IPv6

Simple Network Management Protocol (SNMP) is part of IETF’s Internet Protocol Suite that consists of four abstraction layers and defines a set of protocols used on the Internet. SNMP is mainly used for management and monitoring of networked devices. It can inform about the health of a network device or other reflections of its state (interfaces, IP addresses, traffic and more). SNMP is defined as part of IETF RFC 1157. For its function, it leverages Management Information Bases (MIBs), which define the structure of device information maintained. They represent a hierarchical namespace containing object identifiers (OIDs). Each OID identifies an object that holds the information of interest and can be polled or set via SNMP.

Read More »

Tags: , , ,

Believing These 5 Security Myths Could Put Your Business At Risk

Learn the truth behind these common misconceptions to rethink your security

Many small businesses have a false sense of security. They’ve been lulled into believing that their companies’ data is more secure than it actually is, because they believe some of the common misconceptions about security. Consequently, these businesses have left themselves open to both data and financial loss.

Don’t put your business at risk. Learning the truth behind these five security myths will help you strengthen your company’s network defenses and protect your critical information.

Read More »

Tags: , ,

The Web: Recipe for Pwnage

The web, which for many people is more like the internet than a service that runs over the internet, has brought profound changes. While opening a great number of doors and creating opportunities that otherwise might not exist), the web also creates exposure and opportunities for those who would do bad things.

One of the challenges that IT and security professionals constantly face is finding the right balace between access and flexibility on one side and security on the other. The perfectly locked down, 100% airgapped network may be secure, but such an island would be less than useful for most organizations.

Read More »

Tags: ,