May 8, 2019


Customers Deserve Transparency to Manage Risk

Regardless of how they are found, all vulnerabilities are investigated and publicly reported per our policies.

April 29, 2019


The PSIRT Services Framework: Helping the Industry Protect the Ecosystem

At Cisco, our leadership made the decision over twenty four years ago that we would clearly publicly communicate security vulnerabilities or other issues that could potentially expose customers to risk....

September 26, 2018


September 2018 Cisco IOS and IOS XE Software Bundled Publication

Today, September 26, 2018, we released the second and final Cisco IOS and IOS XE Software Security Advisory Bundled Publication of 2018.

August 10, 2018


Shining a Light on a New Way to Attack WPA2 Weaknesses

Throughout its history, wireless communication has been susceptible to eavesdropping. No matter the WPA standard, there will always be attempts to exploit weaknesses and breach privacy. 

June 22, 2018


Cisco PSIRT Notice About Public Exploitation of the Cisco ASA Web Services Denial of Service Vulnerability

With the security of our customers' networks being a top priority, we're actively raising awareness of a vulnerability affecting Cisco ASA Software and Cisco Firepower Threat Defense (FTD) Software.

December 4, 2017


Introducing a New Addition to Cisco’s Security Impact Rating

The Cisco Product Security Incident Response Team (PSIRT) is introducing a new Security Impact Rating (SIR) for Cisco Security Advisories: Informational.

February 27, 2017


Cisco PSIRT – Mitigating and Detecting Potential Abuse of Cisco Smart Install Feature

A Cisco Security Response alerts about possible abuse of the Smart Install feature. While not considered a vulnerability, the Response provides guidance on how to protect their networks against abuse.

December 21, 2015


Update for Customers

Following a recent Juniper security bulletin discussing unauthorized code, we have fielded a number of related questions from our customers. Being trustworthy, transparent, and accountable is core to our team, so we are responding to these questions publicly. First, we have a “no backdoor” policy and our principles are published at Our development practices […]