“Change is inevitable—except from a vending machine.”

In the spirit of Robert C. Gallagher’s famous quote—and in our quest to never be a vending machine—we’ve rolled out several updates to Cisco’s Security Intelligence Operations (SIO) Portal which I trust you will find useful. Thanks to your feedback, we continue to evolve the Portal to ensure that relevant security content is where you need it, when you need it. Providing timely information to our customers requires not only a global team of Cisco security experts to pipeline the latest information, but a complementary team who ensures that the most significant issues are also the most visible. In fact, that’s the most exciting change we made: a new ‘Security Highlights’ tab which allows a cross-functional group, led by our content managers, to call out the most important issues to our customers. That way, instead of looking at IntelliShield alerts, Cisco Security Notices, or Event Responses individually when time is scarce, this new tab gives you an at-a-glance view of Cisco security content our experts feel is most pressing given all of the events into which we have a view.

As before, each security issue identified by the global SIO team indicates the type of content available for the issue. We’ve also added indicators for Urgency and Impact to further call attention to specific issues that merit your attention.SIO_sechigh-907x1024


In addition to the new Security Highlights tab, we’ve also implemented global timestamps (UTC) across all content, as well as greater optimization for viewing with mobile devices. The goal of all of these changes is to provide a consistent experience which minimizes the effort required to find relevant content. I’ve been asked in customer briefings to describe how SIO functions behind the scenes, and the simplest answer is this: Cisco believes that our advantage is through coupling advanced correlation techniques with a ‘human touch.’ Without some manner of editorial oversight, the nature and amount of content our analysts see on a daily basis would amount to “drinking water from a fire hose.” Features such as the Security Highlights tab are possible only through the very human decisions we make on a daily basis: what will be most relevant to our diverse customers, how to best call it to their attention, etc.

As I mentioned earlier, the evolution of the Portal would not be possible without your continued input. My colleague Tim (in between his frequent meals at the Olive Garden) recently called out a survey we’re conducting on how to continue these improvements. Once you’ve had a chance to visit the Portal and see what our ‘vulnerability du jour’ is, please take a moment to give us your feedback (if you haven’t done so already).


Richard Aceves


Security Research & Operations