Avatar

UPDATE: Webcast information is also now available at the Cisco Live 365 site

Many network security administrators are struggling to keep their network “up-to-date” with the constant release of new vulnerabilities and software fixes. At the same time, they’re under pressure to provide near 100% availability of key business services and systems. Every time a vendor discloses a security vulnerability, network security administrators must identify affected devices and (in numerous cases) upgrade such devices. These activities can take hours, days, or even weeks depending on the size of the organization. For instance large enterprises and organizations may have thousands of routers and switches that need to be assessed for the impact of any given vulnerability. Cisco is helping customers by adopting cutting-edge security automation standards such as the  Open Vulnerability and Assessment Language (OVAL) and the Common Vulnerability Reporting Framework (CVRF).

In the following blog posts, I’ve provided details about how security automation is helping customers:

Additionally, my colleague Mike Schiffman has posted several posts explaining CVRF.

Webcast took place on Tuesday, April 23rd at 10:00 a.m. EST (14:00 GMT). Over 150 customers from 29 countries learned about security automation; Cisco’s machine readable content strategy; and vulnerability assessment using OVAL. We discussed how customers can use OVAL to quickly assess the effects of security vulnerabilities in Cisco IOS Software devices. The recording is now available:

https://youtu.be/Yf9o8TvWH4I

 

 



Authors

Omar Santos

Distinguished Engineer

Cisco Product Security Incident Response Team (PSIRT) Security Research and Operations