Security

With the International Association of Privacy Professionals gathering this week to discuss evolving regulatory requirements and rising customer expectations, there’s no better time to talk about privacy. Privacy is an integral part of the digital transformation wave. As more countries, companies and…

What is Email Spoofing? Email spoofing is the creation of email messages with a forged sender address for the purpose of fooling the recipient into providing money or sensitive information.  For example: a sender 401k_Services@yourcompany.com sends a message to your business email address stating th…

Most malware analysis technologies, like sandboxes, put some sort of hook or software inside their analysis environment in order to observe what is actually happening. This could be a specific DLL file, or a debugger. The problem with this approach is that malware authors are aware of it, they look…

At RSA this year and last, Marty Roesch, VP and Chief Architect for Cisco’s Security Business Group, talked about the need of an integrated threat defense to drive systemic response. The idea is to correlate and analyze data and telemetry from the multiple security technologies that organizations ha…

Data protection and privacy are red-hot topics right now, as they should be. We are facing a watershed moment that could determine government and organizational policy for years to come. Weighing personal privacy against national security, for instance, is not as cut-and-dry as it may first appear.…

Today, we released the first of two semiannual Cisco IOS & XE Software Security Advisory Bundled Publications of 2016. (As a reminder, Cisco discloses IOS & XE vulnerabilities on a predictable schedule—the fourth Wednesday of March and September in each calendar year).   Today’s edition of t…

The standard gauge used for railroads (that is the distance between the rails) in the U.S. is four feet, eight and a half inches, which is an odd number however you look at it. The history behind it is even stranger and is a cautionary tale of assumptions and the consequences of basing decisions on…

Many colleagues, customers, and Cisco partners have asked me, “Why isn’t Cisco AMP for Endpoints included in Gartner’s recent Magic Quadrant for Endpoint Protection Platforms (EPP)?” The answer to us is pretty simple. AMP was not categorized as a traditional “EPP,” and hence, was not included in the…

In March 2015, Cisco created the AMP Threat Grid for Law Enforcement Program, empowering state and local law enforcement agencies with its dynamic malware analysis and threat intelligence platform. Cisco has renewed the program and made it a permanent part of Cisco Gives. Law Enforcement investigato…