If you’re an experienced malware reverse engineer, exploit developer, response specialist, intel analyst, or looking to start your career in security, Talos might be the place for you.  We have a number of positions open in Columbia, Maryland; Austin, Texas; San Jose, California; and San Francisco, California.  If you are open to relocation to one of those areas, have the right skills, and share some of our beliefs below then applying for one of our numerous positions might be for you.

For those not familiar with Talos, it is Cisco’s premier Threat Intelligence organization that supports all of Cisco’s security portfolio.  Detecting and preventing threats that target Cisco customers is our job, and given Cisco’s security footprint and breadth of product portfolio we can engage those threats from Cloud to Core.

It does however, take a special type of individual to join Talos, so give the list below a look and see if your beliefs match up with our distinctive culture. Read More »

Tags: jobs, Talos, Threat Research

The portals that your employees and guests use for enterprise mobility and guest access are a reflection of your company brand and putting your best foot forward means customizing them for a better user experience. The challenge is that customization often requires someone with knowledge of HTML, Java, CSS, and even jQuery skills – in addition to having design skills to properly feature content.

While Cisco offers brand new, out-of-the-box customization with Cisco Identity Services Engine (ISE) 1.3, we wanted to give customers the ability to do much more – so we’ve introduced a new, web-based tool called the ISE Portal Builder that we demo’d at Cisco Live! in Milan, Italy. The show attendees who came by our booth and attended private showings were really amazed by the capabilities offered and they recognized that the ISE Portal Builder enabled almost anyone to build a beautiful guest, BYOD, profile, sponsor, or MDM portal in minutes at no additional cost.

While we already improved the ISE 1.3 ability to quickly model workflows and do basic customization, utilizing the ISE Portal Builder designers can choose from a suite of templates, or create their own using a drag-and-drop page creator. In addition, we’ve made it easy to import, layout, and manage images and other displayed files. You can add advertisements and banners in different places, and even add them into a rotating carousel. You can select up to 17 languages and even create a custom portal for each!

To access the tool go to http://isepb.cisco.com and register using your CCO ID.

Tags: cisco live, Cisco Live Europe, Cisco Live Milan, security

Registration is now open for the upcoming FIRST Technical Colloquium May 4-6, 2015 at Cisco Systems in Amsterdam, Netherlands. Please contact us at amsterdam-tc@first.org for any questions. The event already has an exciting preliminary program covering:

• Attacks Against Cloud Server Honeypots
• Emerging Threats – The State of Cyber Security
• Cisco IOS and IOS-XE Integrity Assurance
• CIIP and NIS Directives and Their Implication for CERTs – Recent German Activities
• APT Attack & Mobile Threats – MyCERT Case Studies
• Challenges in Applied Threat Intelligence
• SSHCure: Flow-Based Compromise Detection Using NetFlow/IPFIX
• Next Level Red Team vs. Blue Team

As well as many more current issues facing the incident response community! Learn how organizations operationalize intelligence to mitigate and detect advanced threats, and listen to war stories from front line incident responders and managers.

The event’s line-up includes notables from KPMG, IBM, CERT, Cisco, MyCERT, Alertlogic, and many others. Looking forward to a great TC in Amsterdam!

https://www.first.org/events/colloquia/amsterdam2015

Jeff Bollinger and Matt Valites

Tags: FIRST, security

If you were to ask any security administrator who had to manage the security policies across an organization, they would probably define the “5-Tuple” as a “hard to understand, cryptic method leftover from the 1990s’ policy management for implementing access control and segmentation capabilities in networks.

Despite its complexity, 5-Tuple has been a mainstay in performing access control and segmentation for decades. However, Cisco has provided an alternate deployment approach to the pains of the “5-Tuple” approach to managing security policies across the organization by delivering Cisco TrustSec across our product portfolio so that Security Teams could consolidate their security policies, scale segmentation, and create a security fabric that spans across the entire organization. Read More »

Tags: data center security, secure data center, security

This post was authored by Earl Carter and Nick Randolph.

Threat actors are continually evolving their techniques. One of the latest Graftor variants is delivering a Malware DLL via a PNG file delivery mechanism. Graftor basically indicates some type of trojan hiding in a piece of software. Hiding executables and DLLs in PNG files is yet another attempt to avoid detection and deliver malicious content to user systems. In this instance, the malicious content is placed at the end of the real PNG file data.

Read More »

Tags: Graftor, Malware Analysis, Talos, Threat Research