Embracing Security Related User Groups
Security is a tough nut that can’t be cracked by one alone—neither technology nor research, neither corporations nor start-ups, and neither products nor processes. None of these alone can crack the security nut. The most important part of the problem and solution is people! Nothing beats the efforts of few passionate people collaborating for a cause.
Cisco Security Disclosure: Help Us Help You!
The decision to deliver the biannual (on the fourth Wednesday of every March and September) Cisco IOS Software Security Advisory Bundled Publication brought with it many challenges, process changes, and—in the end—a format for Cisco Vulnerability Disclosure that we hope addresses at least some of your concerns. What we would like to get now is feedback from our customers on how the bundle delivery format has changed your lives (well, at least during working hours!), for better or for worse, when it comes to dealing with Cisco PSIRT security vulnerabilities identified in your Cisco IOS environment. The information you provide in this survey will help Cisco to continue to evolve our vulnerability disclosure process to address your challenges and concerns, just as we did back in 2008 when we listened to you and developed the Cisco IOS Software Security Advisory bundle process.
Making Global Threat Intelligence Locally Actionable
In this video blog post John Stewart, Cisco's Chief Security Officer (CSO) and Senior Vice President, highlights the fact that there is a wealth of threat intelligence available on a global basis and how to best make use of that intelligence data to protect our network infrastructure.
Vectoring to a New Mission
John Stewart, Cisco Chief Security Officer (CSO) and Senior Vice President, announces the new name and mission of the group he leads at Cisco, i.e. the former Global Government Solutions Group (GGSG) has now become the Cisco Threat Response, Intelligence, and Development (TRIAD) organization.
A Programmatic Approach to Using Cisco’s Security Intelligence Feed
If you’re an end-user or manager of software that has publicly known security vulnerabilities, wouldn’t you want to know about it? If you’re a software developer, wouldn’t you want to know if there are third-party software vulnerabilities that may impact your applications or products? Do you have a patch management compliance requirement for managing software […]
Tips and Tricks: Nmap is still relevant
This post provides an overview of the Nmap scanning tool, specifically the improvements made to Nmap version 6.25, and covers three tips to help users unlock some of the benefits of Nmap 6.25: automating the scanner, identifying and discovering vulnerable services on your networkk, and good old-fashioned plain vanilla scanning.
Cisco Live 2013 Orlando: Security Training and Breakout Sessions
The Security track of sessions for Cisco Live Orlando (June 23-27, 2013) includes 72 breakout sessions, 74 hours of labs and seminars, and 3 Product Solution Overview sessions, accounting for about 15 percent of all the content delivered at Cisco Live. This post summarizes a number of the sessions being presented by members of the Cisco Security Intelligence Operations (SIO) organization.
Cross-Site Request Forgery Attacks and Mitigations
Cross-Site Request Forgery (CSRF) attacks: there are already enough articles out there that can explain what a CSRF attack is and provide potential examples. There are also plenty of security alerts that have been released by various vendors whose products are affected by CSRF-related vulnerabilities. CSRF attacks usually target web applications and attempt to make […]
Consider the Best Approach for Your BYOD Mobility Environment
Mobile devices have quickly become a mainstay in enterprise environments and continue to be consumer driven, and yet they find their way into our day-to-day business lives. As these new devices are being brought into the work environment by employees, enterprise IT is increasingly being forced to accommodate for business use. This is not new news. We observe this pattern through our customers today and live this phenomenon within our own everyday work environment at Cisco. Here at Cisco, employees have the flexibility to choose their device and to securely connect to voice, video and data services from anywhere under an Any Device policy. Cisco manages over 64,000 mobile devices today.
Why Cisco Security?
Explore our Products & Services
Subscribe to our Blogs
Stay up to date and get the latest blogs from Cisco Security