Trustworthy Networking is Not Just Technological, It’s Cultural
With the multitude of dangers constantly testing networks, there should be no such concept of “implicit trust”. At the core of the defensive network is the principle of proven trustworthy hardware and software, working in conjunction to protect network devices, data, and applications from attacks.
The PSIRT Services Framework: Helping the Industry Protect the Ecosystem
At Cisco, our leadership made the decision over twenty four years ago that we would clearly publicly communicate security vulnerabilities or other issues that could potentially expose customers to risk....
Perspective About the Recent WPA Vulnerabilities (KRACK Attacks)
On October 16th,Mathy Vanhoef and Frank Piessens, from the University of Leuven, published a paper disclosing a series of vulnerabilities that affect the Wi-Fi Protected Access (WPA) and the...
Guidelines and Practices for Multi-Party Vulnerability Coordination Open to Review
Recent cyber attacks on organizations around the world have demonstrated the need for consistency in managing security vulnerabilities. To answer that demand, the Industry Consortium for the Advancement of Security on the Internet (ICASI) and the Forum of Incident Response and Security Teams (FIRST) created the FIRST Vulnerability Coordination Special Interest Group (SIG). This is […]
Evolving Security Disclosures : The New OASIS Common Security Advisory Framework (CSAF) Technical Committee
During the last few years we have witnessed how the cyber security threat landscape has evolved. The emergence of the Internet of Things combined with recent events have profoundly changed how we protect our systems and people, and drive us to think about new approaches for vendors to disclose security vulnerabilities to customers and consumers. […]