Articles
Lessons Learned from Testing Cisco EST Implementations for Interoperability with DigiCert
3 min read
Thanks to DigiCert for their contributions co-authoring this post. Interoperability for technology solutions is a top priority—standards used in these solutions become irrelevant when products operate in a silo. Thus, shifting to a new protocol in any solution takes careful consideration and collaboration by multiple parties in order to achieve a seamless operation. One such […]
ETSI/IQC’s 4th Workshop on Quantum-Safe Cryptography
2 min read
Quantum computers could break commonly used public key algorithms, which would affect cryptography used today. For that reason, there has been great attention on quantum safe crypto recently. We have blogged about it in numerous occasions [1], [2] , [3]. In that context, last week the 4th ETSI/IQC on Quantum-Safe Cryptography in Toronto, Canada brought […]
Quantum-resistant signatures: an update
3 min read
Quantum-resistant crypto Recently there has been great media attention on Quantum Computers (QC) and their potential impact on current cryptography standards. We blogged about it in 2015. All of this attention has drawn out critical efforts from many in academia and industry to solve problems with today’s cryptography that would break in a post quantum […]
Step-by-Step Setup of ELK for NetFlow Analytics
10 min read
Contents Intro Java Elasticsearch Logstash Kibana Intro The ELK stack is a set of analytics tools. Its initials represent Elasticsearch, Logstash and Kibana. Elasticsearch is a flexible and powerful open source, distributed, real-time search and analytics engine. Logstash is a tool for receiving, processing and outputting logs, like system logs, webserver logs, […]
OpenSSL Heartbleed vulnerability CVE-2014-0160 – Cisco products and mitigations
2 min read
*** UPDATED 15-April 2014 *** By now, almost everyone has heard of the OpenSSL Heartbleed vulnerability with CVE id CVE-2014-0160. The vulnerability has to do with the implementation of the TLS heartbeat extension (RFC6520) and could allow secret key or private information leakage in TLS encrypted communications. For more detailed information, visit the VRT’s analysis. […]
Cross-Site Request Forgery Attacks and Mitigations
1 min read
Cross-Site Request Forgery (CSRF) attacks: there are already enough articles out there that can explain what a CSRF attack is and provide potential examples. There are also plenty of security alerts that have been released by various vendors whose products are affected by CSRF-related vulnerabilities. CSRF attacks usually target web applications and attempt to make […]
Cisco Live London 2013: IPv6 Security Lab Recap
This post summarizes, on behalf of the instructors of the course, the experiences of delivering the IPv6 Security Lab session recently at Cisco Live London 2013.
- 1
- 2
2