In October, we announced details about Cisco PSIRT’s new and improved security vulnerability disclosure format. Our Chief Security and Trust Officer, John Stewart, also revealed that Cisco will launch an application programming interface (API) that empowers customers to customize Cisco vulnerability information and publications. Today, we have officially launched the Cisco PSIRT openVuln API and it is available for immediate use.
The Cisco PSIRT openVuln API is a RESTful API that allows customers to obtain Cisco security vulnerability information in different machine-consumable formats. It supports industry-wide security standards such as the Common Vulnerability Reporting Framework (CVRF), Open Vulnerability and Assessment Language (OVAL), Common Vulnerabilities and Exposures (CVE) identifiers, and the Common Vulnerability Scoring System (CVSS).
This API allows technical staff and programmers to build tools that help them do their job more effectively. In this case, it enables them to easily keep up with security vulnerability information specific to their network. That frees up more time for them to manage their network and deploy new capabilities in their infrastructure.
The API also allows Cisco customers and partners to leverage OVAL definitions and CVRF data to set up rules for the automated assessment of their own networks. It further simplifies the evaluation process and reduces the time between when a vulnerability is announced and the fix is actually implemented. That means less risk for them and their own customers tied to open vulnerabilities.
We’ve created the following video tutorial to help customers and partners get started.
You can also find technical details and information about the Cisco PSIRT openVuln API at the new Cisco PSIRT DevNet site. We know you’ll want to actively engage to learn more, so we have also created a DevNet developer community where users can get additional technical content, collaborate with peers, exchange sample code, and ask questions.
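As an illustration of the automated assessment described above, the following added example (not Cisco's code and not part of the original post) parses a CVRF 1.1 document and reports which inventory items it marks as Known Affected. It assumes the advisory has already been retrieved as CVRF XML; the sample document, product names, CVE identifiers and the `affected` helper are constructed for the example.

```python
import xml.etree.ElementTree as ET  # for untrusted XML, use a hardened parser

NS = {"prod": "http://www.icasi.org/CVRF/schema/prod/1.1",
      "vuln": "http://www.icasi.org/CVRF/schema/vuln/1.1"}

# Constructed sample document: product names and CVE ids are placeholders.
SAMPLE_CVRF = """<cvrfdoc xmlns="http://www.icasi.org/CVRF/schema/cvrf/1.1">
  <DocumentTitle>Constructed Example Advisory</DocumentTitle>
  <ProductTree xmlns="http://www.icasi.org/CVRF/schema/prod/1.1">
    <FullProductName ProductID="P-1">Example Router OS 1.0</FullProductName>
    <FullProductName ProductID="P-2">Example Switch OS 2.0</FullProductName>
  </ProductTree>
  <Vulnerability Ordinal="1" xmlns="http://www.icasi.org/CVRF/schema/vuln/1.1">
    <CVE>CVE-0000-0001</CVE>
    <ProductStatuses>
      <Status Type="Known Affected"><ProductID>P-1</ProductID></Status>
      <Status Type="Known Not Affected"><ProductID>P-2</ProductID></Status>
    </ProductStatuses>
    <CVSSScoreSets><ScoreSet><BaseScore>7.8</BaseScore></ScoreSet></CVSSScoreSets>
  </Vulnerability>
  <Vulnerability Ordinal="2" xmlns="http://www.icasi.org/CVRF/schema/vuln/1.1">
    <CVE>CVE-0000-0002</CVE>
    <ProductStatuses>
      <Status Type="Known Affected"><ProductID>P-2</ProductID></Status>
    </ProductStatuses>
    <CVSSScoreSets><ScoreSet><BaseScore>4.3</BaseScore></ScoreSet></CVSSScoreSets>
  </Vulnerability>
</cvrfdoc>"""

def affected(cvrf_xml, inventory, min_score=0.0):
    """Return (cve, base_score, product) for inventory items marked Known Affected."""
    root = ET.fromstring(cvrf_xml)
    names = {p.get("ProductID"): (p.text or "").strip()
             for p in root.iterfind(".//prod:FullProductName", NS)}
    hits = []
    for vuln in root.iterfind("vuln:Vulnerability", NS):
        cve = vuln.findtext("vuln:CVE", default="(no CVE)", namespaces=NS)
        scores = [float(s.text) for s in vuln.iterfind(".//vuln:BaseScore", NS)]
        score = max(scores, default=None)
        if score is not None and score < min_score:
            continue  # unscored entries are kept so they still get reviewed
        for status in vuln.iterfind("vuln:ProductStatuses/vuln:Status", NS):
            if status.get("Type") != "Known Affected":
                continue
            for pid in status.iterfind("vuln:ProductID", NS):
                name = names.get((pid.text or "").strip())
                if name in inventory:
                    hits.append((cve, score, name))
    return hits

if __name__ == "__main__":
    print(affected(SAMPLE_CVRF, {"Example Switch OS 2.0"}))
```

Exact-name matching is the simplest rule; a real inventory usually needs normalization of product and version strings before comparison.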
Looks like a promising and valuable service. Question: Do you see a use case for organizations that already have a vulnerability management system in place (such as Nexpose, QualysGuard or Nessus/Security Center)? What will this service allow them to do that they can’t do with their existing VM platform?
Hi Apolonio, Thank you for reading the blog post and for the follow-up. One of the main benefits is that you can obtain the vulnerability information directly from Cisco at the time of publication (i.e., before the scanners will even have the information about the vulnerability). Another benefit is that partners (including the ones that you mentioned) can obtain vulnerability disclosure information in a programmatic way immediately after publication. Both of these accelerate the time that it takes to receive, analyze and remediate security vulnerabilities in Cisco products. Hope this helps! Regards, Omar