Security

If you are reading this blog then you most likely understand that APIs allow inter-working among products. In the context of Firepower Management Center, the REST APIs allow programming of the Firepower devices to allow one to automatically provision devices, deploy policies and controls, and monito…

Next week’s NCSA Nasdaq Cybersecurity Summit in New York will focus government and private sector leaders on two priorities—developing a strategic approach to combating pervasive cyber threats and creating a culture of cybersecurity across enterprises. These are critical issues that Cisco is address…

UPDATE: March 17, 2017 Based on the “Vault 7” public disclosure, Cisco launched an investigation into the products that could potentially be impacted by these and similar exploits and vulnerabilities. As part of the internal investigation of our own products and the publicly available information, C…

Today let’s talk about IoT as a plurality. I suspect that you may have recently heard the phrase that “words matter,” and when talking about something as broad and diverse as “IoT” it really does indeed matter. It matters because correctly defining what you are speaking about, and to whom, will help…

One in four organizations are exposed for six months or longer due to a lack of qualified security workers. And in Europe almost one-third of cyber security job openings remain unfilled. That’s the challenging picture reported by ISACA at this year’s RSA Conference. You’re thinking, “tell me s…

Cisco PSIRT has become aware of attackers potentially abusing the Smart Install (SMI) feature in Cisco IOS and IOS XE Software. While this is not considered a vulnerability, PSIRT published a Cisco Security Response on February 14, 2017 to inform customers about possible abuse of the Smart Install f…

I am proud to announce that last week at RSA the 2017 Info Security Products Guide Global Excellence Awards honored three teams from the Cisco Security and Trust Organization. These teams were recognized for their work in defending the company’s networks, building secure and trustworthy products and…

Over the last half decade the term sandboxing has become so pervasive, many customers I speak to have forgotten what it’s for!  Sandboxing is a type of malware analysis – dynamic malware analysis to be exact. You execute a sample / file in a virtual environment and see what happens. There are numero…

We live in a time when lines in IT are blurring, and the line between security and network operations is just one example. When organizations are breached, their network is imperiled and business can suffer. Resiliency, performance, and threat defense are increasingly intertwined. No one understands…