Security

January 14, 2013

SECURITY

New PSIRT Deliverable Aids Transparency in Vulnerability Disclosure

A phrase I’ve recently been hearing repeated is that “product features will come and go, but risk mitigation is continuous.”  With that in mind, our Product Security Incident Response Team (PSIRT) is doing its part by seeking ways to improve how we transparently communicate information about Cisco product vulnerabilities to our Customers and Partners.  Starting […]

January 11, 2013

SECURITY

New Java Vulnerability Being Exploited in the Wild

The new Oracle Java arbitrary code execution vulnerability  has not only hit many news wires and social media outlets, but many victims as well, and it has been incorporated into several exploit kits. This critical vulnerability, as documented in IntelliShield alert 27845, could allow an unauthenticated, remote attacker to execute arbitrary code on a targeted system with the […]

January 3, 2013

SECURITY

Protecting Our Networks: It’s a Team Game Now!

I have been coaching youth sports for the past seven plus years now and one of my common mantras when speaking to the girls and boys each season is that “we will win as a team and lose as a team.”  In other words, I will never tolerate one player acting selfishly enough to think […]

January 3, 2013

SECURITY

Security Assessments: More Than Meets the Eye

Is the product safe to use? I have been asked this question on occasion in a non-technical sense and maybe you have too. In a technical context, I could frame the question as “Are the online services and underlying technologies supporting my services safe?”  A continuous effort must go into substantiating the preferable answer (“Yes”) […]

December 21, 2012

SECURITY

Commitment and Community: Cisco’s Security DNA

This is our final post in the series of SecCon-related articles. This post drives home the point made by Cisco's senior executives at the SecCon conference - security must be pervasive in every aspect of every product we design, develop, and deploy. It’s what our customers expect, and SecCon is one of the major delivery vehicles for creating a unified front within the engineering community as part of Cisco’s evolution towards the “Internet of Everything”.

December 21, 2012

SECURITY

Security Features vs. Securing Features

Here's the fourth in a series of posts revolving around the recently held Cisco SecCon 2012 (December 3-6) security conference. This post zeroes in on the fact that software vendors need to start focusing (more) on the overall security and quality of software, not just on the implementation of security features in products.

December 19, 2012

SECURITY

Securing Linux Based Products With CSDL

Here's the third in a series of posts revolving around the recently held Cisco SecCon 2012 (December 3-6) security conference. The focus of this post is on the Cisco Secure Development Lifecycle (CSDL), Cisco’s approach to building secure products and solutions, and specifically the release of two Cisco documents that have been an integral part of CSDL: “Linux Hardening Recommendations For Cisco Products” and “Product Security Baseline Linux Distribution Requirements."

December 19, 2012

SECURITY

Have You Architected Your Data Center Survival Strategy for A Dystopic Cyber Landscape?

Drawing from a recent read of “Case 1: The Seeds of Dysptopia” in the World Economic Forum 2012 Global Risks 2012 Seventh Edition, it’s now more than apparent than ever that the impact of crime and terrorism in the digital world is fast mirroring that of a physical world.  We’re living in an era where […]

December 18, 2012

SECURITY

Let’s Hack Some Cisco Gear at SecCon!

Here's the second in a series of posts discussing how Cisco SecCon 2012 (December 3-6) brought together hundreds of engineers, live and virtually, from Cisco offices around the globe with one common goal: to share their knowledge and learn best practices about how to increase the overall security posture of Cisco products.

Why Cisco Security?

Explore our Products & Services

Subscribe to our Blogs

Stay up to date and get the latest blogs from Cisco Security