security

2 min read

Security is a tough nut that can’t be cracked by one alone—neither technology nor research, neither corporations nor start-ups, and neither products nor processes. None of these alone can crack the security nut. The most important part of the problem and solution is people! Nothing beats the efforts of few passionate people collaborating for a cause.

2 min read

The decision to deliver the biannual (on the fourth Wednesday of every March and September) Cisco IOS Software Security Advisory Bundled Publication brought with it many challenges, process changes, and—in the end—a format for Cisco Vulnerability Disclosure that we hope addresses at least some of your concerns. What we would like to get now is feedback from our customers on how the bundle delivery format has changed your lives (well, at least during working hours!), for better or for worse, when it comes to dealing with Cisco PSIRT security vulnerabilities identified in your Cisco IOS environment. The information you provide in this survey will help Cisco to continue to evolve our vulnerability disclosure process to address your challenges and concerns, just as we did back in 2008 when we listened to you and developed the Cisco IOS Software Security Advisory bundle process.

6 min read

This post provides an overview of the Nmap scanning tool, specifically the improvements made to Nmap version 6.25, and covers three tips to help users unlock some of the benefits of Nmap 6.25: automating the scanner, identifying and discovering vulnerable services on your networkk, and good old-fashioned plain vanilla scanning.

1 min read

The Global Certification Team is proud to announce the FIPS 140-2 crypto certification of the Cisco Adaptive Security Appliance (ASA) family.  This certification covered the following models: Cisco ASA 5505, ASA 5510, ASA 5520, ASA 5540, ASA 5550, ASA 5580-20, ASA 5580-40, ASA 5585-X SSP-10, 5585-X SSP-20, 5585-X SSP-40 and 5585-X SSP-60 Security Appliances.  The ASA’s were evaluated at […]

3 min read

The Security track of sessions for Cisco Live Orlando (June 23-27, 2013) includes 72 breakout sessions, 74 hours of labs and seminars, and 3 Product Solution Overview sessions, accounting for about 15 percent of all the content delivered at Cisco Live. This post summarizes a number of the sessions being presented by members of the Cisco Security Intelligence Operations (SIO) organization.

1 min read

Today, many encrypted networks use insecure cryptography. Attackers exploiting weak cryptography are nearly undetectable, and the data you think is secure is less safe every day. Legacy encryption technology can't keep up with current advances in hacking and brute force computing power. Additionally, legacy solutions are increasingly inefficient as security levels rise, and perform poorly at high data rates. In order to stay ahead of this challenge, encryption needs to evolve.

1 min read

Today, Cisco announces the development of the Cisco Wearable IPS (CWI), a security device for Generation Y. This fashionable security device will liven up any insecure outfit. It can be worn around the neck or strapped to a belt, and provides a single gateway to the Internet or wireless network of your choice.

2 min read

Innovation never stops in the mobile world, and that rule applies to security threats as well. Network attacks are becoming more sophisticated and even high-tech businesses with the most advanced security may find themselves in the crosshairs as we shift to more devices and anywhere access. Just a few weeks ago, multiple leading social networking […]

1 min read

There is still time to register for the upcoming FIRST Technical Colloquium April 2-3 2013. The event has a very exciting program covering, bitsquatting, webthreats, RPZ, Passive DNS, Real-world monitoring examples, Spamhaus, SIE, Cuckoo Sandbox, Malware Analysis and many more current issues facing the incident response community. The event’s line-up includes notables from Cisco Security Intelligence Operations (SIO), […]