A Cisco Security Response alerts about possible abuse of the Smart Install feature. While not considered a vulnerability, the Response provides guidance on how to protect their networks against abuse.
Here's the third in a series of posts revolving around the recently held Cisco SecCon 2012 (December 3-6) security conference. The focus of this post is on the Cisco Secure Development Lifecycle (CSDL), Cisco’s approach to building secure products and solutions, and specifically the release of two Cisco documents that have been an integral part of CSDL: “Linux Hardening Recommendations For Cisco Products” and “Product Security Baseline Linux Distribution Requirements."
Here's the second in a series of posts discussing how Cisco SecCon 2012 (December 3-6) brought together hundreds of engineers, live and virtually, from Cisco offices around the globe with one common goal: to share their knowledge and learn best practices about how to increase the overall security posture of Cisco products.
Cisco SecCon is a security conference for Cisco engineers that focuses on two critical elements for a healthy corporate Security intelligence: 1) expansion of knowledge for all and 2) building a sense of community. Cisco recently allocated two days for intensive hands-on security training (held December 3-4), and then provided two general session days(December 5-6) to discuss a variety of security topics.
