security
Big Security—Mining Mountains of Log Data to Find Bad Stuff
4 min read
Your network, servers, and a horde of laptops have been hacked. You might suspect it, or you might think it’s not possible, but it’s happened already. What’s your next move? The dilemma of the “next move” is that you can only discover an attack either as it’s happening, or after it’s already happened. In most […]
Introducing Kvasir
4 min read
Cisco’s Advanced Services has been performing penetration tests for our customers since the acquisition of the Wheel Group in 1998. We call them Security Posture Assessments, or SPA for short, and I’ve been pen testing for just about as long. I’ll let you in on a little secret about penetration testing: it gets messy! During […]
7-Day Forecast: Bundle Up!
2 min read
It’s that time of year again—consider this post your friendly T-7 notice to start preparing for the final Cisco IOS Software Security Advisory Bundled Publication of 2013! As a reminder, the Cisco Product Security Incident Response Team (PSIRT) releases bundles of Cisco IOS Software Security Advisories on the fourth Wednesday of March and September each […]
IoT World Forum: Getting More Out Of IP Cameras
1 min read
For the past 15 years, businesses of all types and sizes have used IP cameras to monitor and protect their physical environments. Whether monitored in real-time by security staff or analyzed following a breach, cameras provide an essential physical security solution to keep employees, data, and network appliances safe. While this use case is still […]
August 2013 #SecureDC Twitter Chat Recap: SDN Security
2 min read
Our first SecureDC twitter chat created some great industry dialog around security for Software Defined Networks (SDN) as well as using SDN to improve security. SDN is going through a similar hype cycle as seen with cloud and we feel that it’s important to focus more on education now and broader collaboration, so that users […]
MS Detours: Ongoing vigilance keeps customers on the right track.
4 min read
This post discusses the potential for vulnerabilities to be present in software products due to the use of 3rd party Dynamic Link Libraries (DLLs). In some cases the DLLs that are injected end up with privileges, or permissions, that are far greater than what should be allowed.
#ExecInsights: Defend, Discover and Remediate with Security Services
2 min read
Like most industries, security has gone through many different evolutions. Over the past 20 years, the industry has been largely product focused, with customers deploying point products across the network in an effort to “cover” all security gaps. Over time and with the arrival of mobile, social and cloud, customers now recognize that having all […]
Industrial Grade SDN
3 min read
The software defined network has become all the rage lately for reasons that seem to vary and are caught up in interesting perceptions. One view was that it allowed a single network to be controlled centrally and divided up logically to prevent different groups from interfering with one another, well that’s true. Another view is […]
ICCC 2013: Improving Common Criteria Standards for New Technologies
1 min read
In order for government and enterprise organizations to keep their data secure from increasingly advanced cyber threats, security solutions and protocols are critical. However, these organizations must ensure that their chosen security solutions meet key security criteria, are standards based, perform as expected and interoperate reliably with existing technology. The challenges above are why Common […]
3