Streamlining the Response to Security Vulnerabilities
With security threats evolving at a staggering pace, we’re hearing from our customers that their network administrators are often finding it difficult to keep up. They are challenged to make informed decisions quickly enough and prioritize their responses to incoming threats. Not surprising since with each new threat and the related vulnerabilities IT leaders are faced with several questions:
- Where do I go to find information?
- Which information is for background and which requires immediate action?
- What has changed since the original publication?
- Does this apply to my network of devices?
- What resources should I go to for prevention, detection and remediation?
We are constantly looking at ways to help our customers and partners reduce the time it takes to mitigate security breaches so I’m pleased to announce a new and improved security vulnerability disclosure format for Cisco Security Advisories that should make it much easier for administrators to understand and respond to threats.
Historically, Cisco’s Product Security Incident Response Team (PSIRT) has shared critical security information in various formats including security advisories, alerts, bulletins, release notes, and more. We have based our decisions about which format to use on the severity of the particular threat. Now, after assessing the threat landscape and listening to our customers, we are streamlining how we communicate this information to focus on more consistency and transparency.
Key changes that will drive the greatest benefit:
|What’s New||Customer Benefit|
|Enhanced and simplified view||
|Security Impact Rating (SIR)||
|Security Automation and Machine-Readable Content||
|Every vulnerability assigned a Common Vulnerability and Exposures (CVE)||
|Coming Soon: Application-Programming Interface (API)||
Starting today, the new Cisco Security Advisories program replaces the previous multi-format program and addresses vulnerabilities in one consistent format for all severities. All historic information has been migrated.
And to further streamline, within the next few months Cisco will launch an application-programming interface (API) so customers can customize the Cisco information and publications to meet their specific needs. It will also allow them to set up rules for automated assessment of their own networks. This further simplifies the evaluation process and reduces the time between a vulnerability being announced and fixed.
For more details about the new Cisco Security Advisories program, see the related blog from Omar Santos, Cisco PSIRT Security Research and Operations.
Check out Cisco’s Security Vulnerability Policy for more detailed information about how to receive threat, vulnerability, and mitigation information, and the overall vulnerability management process.
Our goal with this new security vulnerability disclosure format is to better inform our customers in a consistent and transparent way. As always, we value your input so please respond with your feedback or questions. It’s important to us that we’re supporting your efforts to keep pace with the continuous risk mitigation cycle.