S&TO

After an application is developed, multiple security tests must be run to ensure it’s ready for deployment. Learn how Cisco validates its software based on industry and internal security standards.

Third-party software is ubiquitous across product development. With it grows the interest for more accurate visibility, accounting of open source and commercial components, and for proper management and hygiene.

Cybersecurity is a team sport. When a community rises, we all rise. We are honored to support programs that ensure the next generation rises with cybersecurity expertise.

Maintaining the resiliency of data, assets, systems, and the network is mission-critical. DevOps must continuously improve resiliency with application security tools that automate security posture assessment and manage security risks.

Embedding trust and resilience into critical infrastructure is a moving target. We must focus on the trustworthiness and integrity of the technology and processes that run these critical systems.

Many organizations are taking on cyber risk driven by current disruption and the pressure to ‘keep things going.’ We must ensure our new technology dependence is appropriately understood and managed.

So far, the industry has been testing post-quantum key exchange and authentication separately in a quest for a quantum-secure future. We recently have been experimenting with TLS and SSH using both post-quantum key exchange and authentication. The preliminary results are promising for some algorithms.

Quantum Computers could threaten encryption tunnels like IPsec, MACsec, and TLS. MACsec is an authenticated encryption protocol that, if appropriately configured, can be quantum-safe. The whitepaper shows how.

Quantum Computers could threaten the security of TLS key exchange and authentication. To assess the performance of post-quantum certificates TLS 1.3, we evaluated NIST Round 2 signature algorithms. See results.