Mobility, cloud and the Internet of Everything (IoE) continue to change IT security, making point product solutions insufficient. The old model of having disparate products securing isolated areas simply won’t protect against the dynamic threats of today’s world. In the ever-growing world of the Internet of Everything (IoE), the number of attack vectors will only increase. Today’s security solutions require a continuous approach that is much more automatic when handling security threats before, during and after an attack.
The good news for our partners is that the acquisition of Sourcefire is complete. With Sourcefire part of the Cisco family, we will provide partners with a broad portfolio of integrated solutions that deliver unmatched visibility and continuous advanced threat protection across the entire attack continuum, and partners can:
- Work with one vendor to offer a wide range of industry leading security offerings;
- Become or remain more competitive in the security space; and
- Use the support of Cisco to build your security business
Tags: Cisco, security, Sourcefire
In the last week alone, two investigations I have been involved with have come to a standstill due to the lack of attribution logging data. One investigation was halted due to the lack of user activity logging within an application, the other from a lack of network-based activity logs. Convincing the asset owners of the need for logging after-the-fact was easy. But ideally, this type of data would be collected before it’s needed for an investigation. Understanding what data is critical to log, engaging with the asset owners to ensure logs contain meaningful information, and preparing log data for consumption by a security monitoring organization are ultimately responsibilities of the security monitoring organization itself. Perhaps in a utopian world, asset owners will engage an InfoSec team proactively and say, “I have a new host/app. To where should I send my log data which contains attributable information for user behavior which will be useful to you for security monitoring?” In lieu of that idealism, what follows is a primer on logs as they relate to attribution in the context of security event monitoring.
Tags: CSIRT, csirt-playbook, incident response, logging, logs, NCSAM, ncsam-2013, security, SIEM
Cisco Security has announced the closing of the acquisition of Sourcefire. Sourcefire founder and CTO (and creator of Snort®) Martin Roesch posted to Sourcefire’s blog this morning to share the news:
“I can tell you with certainty that this is a great match for Sourcefire, for Cisco and, ultimately, for our customers, partners and open source communities,” said Roesch. “From a technology perspective, after having dedicated 15 years to Snort and then to Sourcefire, it’s personally gratifying to be part of building this strong foundation.”
Roesch, now vice president and chief architect of Cisco’s Security Business Group, is excited for the new opportunities presented. “It’s the new model of security I’ve been talking about for some time. Now working as part of the Cisco team, led by Chris Young, we can accelerate execution of this vision and make this even more impactful.”
This is just the first exciting news about the acquisition. As Roesch states in his post, “expect more great things as we continue down this path as ONE team.”
Read the full post: http://blog.sourcefire.com/Post/2013/10/08/1381233600-one-team–sourcefire-is-now-part-of-cisco/
Tags: acquisition, Cisco, security, Snort, Sourcefire
Chris Young, SVP of Cisco’s Security Business Group, posted an official announcement this morning on Cisco’s The Platform blog heralding the close of the Sourcefire acquisition.
“I am excited to announce that Cisco has completed the acquisition of Sourcefire. With this acquisition, we take a significant and exciting step in our journey to define the future of security. As one company, we offer an unbeatable combination that will greatly accelerate our mission of delivering a new, threat-centric security model”, said Young.
Young also goes in depth on the new capabilities immediately available to current Cisco customers, as well as what the acquisition means for the Cisco Security roadmap:
- Leverage current ASA and FirePOWER hardware for future solutions
- Give Cisco customers immediate access to Sourcefire’s NGIPS, NGFW, and AMP solutions
- Commit to supporting open-source projects like Snort, ClamAV, and others
- Offer broader solution sets incorporating the newly acquired technologies
This year, Cisco has increased investment in security innovation to provide market-leading threat-focused capabilities.
Young also promised Cisco Security will focus on a “threat-centric” security model moving forward, which means a priority focus on the threats themselves versus policy or controls. “Through our threat-centric model,” he said, “we will provide broad coverage across all potential attack vectors, rapidly adjust to and learn from new attack methods, and implement that intelligence back into the infrastructure after each attack.”
Read the full post with all the exciting details here: http://blogs.cisco.com/news/cisco-closes-sourcefire-acquisition-delivers-threat-centric-security-model
Tags: announcement, Chris Young, Cisco, security, Sourcefire
I am excited to announce that Cisco has completed the acquisition of Sourcefire. With this acquisition, we take a significant and exciting step in our journey to define the future of security. As one company, we offer an unbeatable combination that will greatly accelerate our mission of delivering a new, threat-centric security model. Through the addition of Sourcefire’s competitive talent and technologies, I see vast opportunities to expand Cisco’s global security footprint in both new and emerging markets, broaden our solution sets and deepen our customer relationships.
Security is now a boardroom discussion. Breaches mean lost IP, compromised customer information, lack of confidence and valuation impact. In tomorrow’s world of the Internet of Everything, the number and type of attack vectors will continue to increase, creating a daunting challenge for companies and those responsible to defend the infrastructure.
The single network perimeter has been replaced by a constantly morphing set of users, locations, access methods and devices creating the dual challenge of defending a dynamic perimeter and creating a near infinite number of points of vulnerability.
Tags: security, Sourcefire