Avatar

Omar Santos

Principal Engineer

Cisco Product Security Incident Response Team (PSIRT) Security Research and Operations

Omar Santos is an active member of the cyber security community, where he leads several industry-wide initiatives and standards bodies. His active role helps businesses, academic institutions, state and local law enforcement agencies, and other participants dedicated to increasing the security of their critical infrastructures.

Omar is the author of more than twenty (20) books and video courses, as well as numerous white papers, articles, and security configuration guidelines and best practices. Omar is a principal engineer of the Cisco Product Security Incident Response Team (PSIRT), where he mentors and leads engineers and incident managers during the investigation and resolution of cyber security vulnerabilities. Additional information about Omar's current projects can be found at this website, and you can follow Omar on Twitter: @santosomar

Articles

March 7, 2017

SECURITY

The Wikileaks Vault 7 Leak – What We Know So Far

UPDATE: March 17, 2017 Based on the “Vault 7” public disclosure, Cisco launched an investigation into the products that could potentially be impacted by these and similar exploits and vulnerabilities. As part of the internal investigation of our own products and the publicly available information, Cisco security researchers found a vulnerability in the Cluster Management […]

January 24, 2017

SECURITY

Keeping Up with Security Vulnerability Disclosures with the Cisco PSIRT openVuln API

The Cisco PSIRT openVuln API is a RESTful API that allows customers to obtain Cisco security vulnerability information in different machine-consumable formats. It supports industrywide security standards such as the Common Vulnerability Reporting Framework (CVRF), Open Vulnerability and Assessment Language (OVAL), Common Vulnerability and Exposure (CVE) identifiers, Common Weakness Enumeration (CWE), and the Common Vulnerability Scoring System (CVSS). This API […]

January 20, 2017

SECURITY

Guidelines and Practices for Multi-Party Vulnerability Coordination Open to Review

Recent cyber attacks on organizations around the world have demonstrated the need for consistency in managing security vulnerabilities. To answer that demand, the Industry Consortium for the Advancement of Security on the Internet (ICASI) and the Forum of Incident Response and Security Teams (FIRST) created the FIRST Vulnerability Coordination Special Interest Group (SIG). This is […]

January 19, 2017

SECURITY

Scoring Cisco Security Vulnerabilities with CVSSv3

The Cisco Product Security Incident Response Team (PSIRT) is now scoring all security advisories addressing security vulnerabilities that affect Cisco products and multivendor vulnerability alerts using the Common Vulnerability Scoring System version 3 (CVSSv3). The stakeholders at the Forum of Incident Response and Security Teams (FIRST) have done a great job in this new version […]

October 31, 2016

SECURITY

The Evolution of Scoring Security Vulnerabilities: The Sequel

Back in April, I wrote a blog post about the new version of the Common Vulnerability Scoring System (CVSS). The changes made for CVSSv3 addressed some of the challenges that existed in CVSSv2. For example, CVSSv3 analyzes the scope of a vulnerability and identifies the privileges an attacker needs to exploit it. The CVSSv3 enhancements […]

October 18, 2016

SECURITY

Evolving Security Disclosures : The New OASIS Common Security Advisory Framework (CSAF) Technical Committee

During the last few years we have witnessed how the cyber security threat landscape has evolved. The emergence of the Internet of Things combined with recent events have profoundly changed how we protect our systems and people, and drive us to think about new approaches for vendors to disclose security vulnerabilities to customers and consumers. […]

August 17, 2016

SECURITY

The Shadow Brokers EPICBANANA and EXTRABACON Exploits

UPDATE April 20, 2017 Cisco continues to evaluate potential implications of the activities and information posted publicly by the Shadow Brokers Group.  We launched an investigation to analyze the new files posted on April 14th, 2017, and so far have not found any new vulnerabilities or exploits that affect Cisco products and services. Cisco PSIRT will […]

April 28, 2016

SECURITY

The Evolution of Scoring Security Vulnerabilities

The Common Vulnerability Scoring System (CVSS), which is used by many in the industry as a standard way to assess and score security vulnerabilities, is evolving to a new version known as CVSSv3. These changes addressed some of the challenges that existed in CVSSv2; CVSSv3 analyzes the scope of a vulnerability and identifies the privileges […]

December 14, 2015

SECURITY

Introducing the Cisco PSIRT openVuln API

In October, we announced details about Cisco PSIRT’s new and improved security vulnerability disclosure format. Our Chief Security and Trust Officer, John Stewart, also revealed that Cisco will launch an application programming interface (API) that empowers customers to customize Cisco vulnerability information and publications. Today, we have officially launched the Cisco PSIRT openVuln API and it is available […]