A few months ago, I wrote about the new OASIS Common Security Advisory Framework (CSAF) Technical Committee (TC). The purpose of the CSAF Technical Committee is to standardize the practices for structured machine-readable security
Today, we released the first Cisco IOS & IOS XE Software Security Advisory Bundled Publication of 2017. (As a reminder, Cisco discloses vulnerabilities in Cisco IOS and IOS XE Software on a predictable schedule—the fourth Wednesday of March and
UPDATE: March 17, 2017 Based on the “Vault 7” public disclosure, Cisco launched an investigation into the products that could potentially be impacted by these and similar exploits and vulnerabilities. As part of the internal investigation of our own
A Cisco Security Response alerts about possible abuse of the Smart Install feature. While not considered a vulnerability, the Response provides guidance on how to protect their networks against abuse.
The Cisco PSIRT openVuln API is a RESTful API that allows customers to obtain Cisco security vulnerability information in different machine-consumable formats. It supports industrywide security standards such as the Common Vulnerability Reporting
Recent cyber attacks on organizations around the world have demonstrated the need for consistency in managing security vulnerabilities. To answer that demand, the Industry Consortium for the Advancement of Security on the Internet (ICASI) and the
The Cisco Product Security Incident Response Team (PSIRT) is now scoring all security advisories addressing security vulnerabilities that affect Cisco products and multivendor vulnerability alerts using the Common Vulnerability Scoring System version
Back in April, I wrote a blog post about the new version of the Common Vulnerability Scoring System (CVSS). The changes made for CVSSv3 addressed some of the challenges that existed in CVSSv2. For example, CVSSv3 analyzes the scope of a vulnerability
During the last few years we have witnessed how the cyber security threat landscape has evolved. The emergence of the Internet of Things combined with recent events have profoundly changed how we protect our systems and people, and drive us to think
