Cisco Blogs
Share

Streamlining the Response to Security Vulnerabilities


October 5, 2015 - 1 Comment

With security threats evolving at a staggering pace, we’re hearing from our customers that their network administrators are often finding it difficult to keep up. They are challenged to make informed decisions quickly enough and prioritize their responses to incoming threats. Not surprising since with each new threat and the related vulnerabilities IT leaders are faced with several questions:

  • Where do I go to find information?
  • Which information is for background and which requires immediate action?
  • What has changed since the original publication?
  • Does this apply to my network of devices?
  • What resources should I go to for prevention, detection and remediation?

We are constantly looking at ways to help our customers and partners reduce the time it takes to mitigate security breaches so I’m pleased to announce a new and improved security vulnerability disclosure format for Cisco Security Advisories that should make it much easier for administrators to understand and respond to threats.

Historically, Cisco’s Product Security Incident Response Team (PSIRT) has shared critical security information in various formats including security advisories, alerts, bulletins, release notes, and more. We have based our decisions about which format to use on the severity of the particular threat. Now, after assessing the threat landscape and listening to our customers, we are streamlining how we communicate this information to focus on more consistency and transparency.

Key changes that will drive the greatest benefit:

What’s New Customer Benefit
Enhanced and simplified view
Security Impact Rating (SIR)
  • Simplified way to categorize vulnerabilities based on CVSS
  • Highly visible on landing page
Security Automation and Machine-Readable Content
Every vulnerability assigned a Common Vulnerability and Exposures (CVE)
  • Aids in identification and search
Coming Soon: Application-Programming Interface (API)
  • Empowers customers to customize their security vulnerability notifications
  • Helps automate the assessment of security vulnerabilities

Starting today, the new Cisco Security Advisories program replaces the previous multi-format program and addresses vulnerabilities in one consistent format for all severities. All historic information has been migrated.

And to further streamline, within the next few months Cisco will launch an application-programming interface (API) so customers can customize the Cisco information and publications to meet their specific needs. It will also allow them to set up rules for automated assessment of their own networks. This further simplifies the evaluation process and reduces the time between a vulnerability being announced and fixed.

For more details about the new Cisco Security Advisories program, see the related blog from Omar Santos, Cisco PSIRT Security Research and Operations.

Check out Cisco’s Security Vulnerability Policy for more detailed information about how to receive threat, vulnerability, and mitigation information, and the overall vulnerability management process.

Our goal with this new security vulnerability disclosure format is to better inform our customers in a consistent and transparent way. As always, we value your input so please respond with your feedback or questions. It’s important to us that we’re supporting your efforts to keep pace with the continuous risk mitigation cycle.

In an effort to keep conversations fresh, Cisco Blogs closes comments after 60 days. Please visit the Cisco Blogs hub page for the latest content.

1 Comments

  1. Dear Mr. Stewart I am Akio Hoshida who is a PSDM proming Cisco service towards Japanese customers & partners. Japanese partners are really interested in API so customers can customize the Cisco information and publications to meet their specific needs.Could you please let us know what is the estimated date Cisco is able to provide the detail of API? Best regards, Akio Hoshida