Customers Deserve Transparency to Manage Risk
Regardless of how they are found, all vulnerabilities are investigated and publicly reported per our policies.
The PSIRT Services Framework: Helping the Industry Protect the Ecosystem
At Cisco, our leadership made the decision over twenty four years ago that we would clearly publicly communicate security vulnerabilities or other issues that could potentially expose customers to risk....
September 2018 Cisco IOS and IOS XE Software Bundled Publication
Today, September 26, 2018, we released the second and final Cisco IOS and IOS XE Software Security Advisory Bundled Publication of 2018.
Shining a Light on a New Way to Attack WPA2 Weaknesses
Throughout its history, wireless communication has been susceptible to eavesdropping. No matter the WPA standard, there will always be attempts to exploit weaknesses and breach privacy.
Cisco PSIRT Notice About Public Exploitation of the Cisco ASA Web Services Denial of Service Vulnerability
With the security of our customers' networks being a top priority, we're actively raising awareness of a vulnerability affecting Cisco ASA Software and Cisco Firepower Threat Defense (FTD) Software.
March 2018 Cisco IOS and IOS XE Software Bundled Publication
Today, we released the first Cisco IOS and IOS XE Software Security Advisory Bundled Publication of 2018.
Introducing a New Addition to Cisco’s Security Impact Rating
The Cisco Product Security Incident Response Team (PSIRT) is introducing a new Security Impact Rating (SIR) for Cisco Security Advisories: Informational.
Cisco PSIRT – Mitigating and Detecting Potential Abuse of Cisco Smart Install Feature
A Cisco Security Response alerts about possible abuse of the Smart Install feature. While not considered a vulnerability, the Response provides guidance on how to protect their networks against abuse.
Update for Customers
Following a recent Juniper security bulletin discussing unauthorized code, we have fielded a number of related questions from our customers. Being trustworthy, transparent, and accountable is core to our team, so we are responding to these questions publicly. First, we have a “no backdoor” policy and our principles are published at trust.cisco.com Our development practices […]