incident response
The PSIRT Services Framework: Helping the Industry Protect the Ecosystem
At Cisco, our leadership made the decision over twenty-four years ago that we would clearly and publicly communicate security vulnerabilities or other issues that could potentially expose customers to risk. This is when the Cisco Product Security Incident Response Team (PSIRT) was born. Our team and the…
Cisco Threat Response with Email Security Integration: Harmonizing Your Security Products
Those of us who have been in security for more than 20 years are very familiar with the assertion that security is a process. For me, security has always been a process like a melody that ties in all other parts of the song. Staying on this musical analogy, if process is the melody, and you conside…
War Games: A WOPR of a Security Test (Part 4)
As any security consultant will know, the more fun you have on an engagement (see part 1, part 2 and part 3 for the back story), the longer the report will be afterwards and the more important the executive and technical summaries will be in tying all the observations together in an actionable fashi…
War Games: A WOPR of a Security Test (Part 3)
So how did the team get on in our War Game exercise? In order to complete the War Game exercise (the setup for which can be found in part 1 and part 2 of this series), our Security Advisory Services team determined that the following attack scenarios would need to be simulated: The plan A broad ta…
Cisco Recognized as a Leader in Incident Response
It is never ideal to “go it alone” during a cybersecurity breach. Talk about a high-pressure situation. Getting access to experts is critical: with a strong support team, you’ll have more hands on deck so you can act quickly, and when you tap into skilled incident response experts, you have the ben…
War Games: A WOPR of a Security Test (Part 2)
In part 1 of this series of posts, we covered what constituted a War Game and how we defined the various attack scenarios. In this part, we will cover how our Cisco Security Advisory Services team used these scenarios to develop real-world threat models and establish other parameters of the engagement.…
War Games: A WOPR of a Security Test (Part 1)
Recently, in what was an interesting change to the usual technical and risk/compliance focused consultancy, our Security Advisory Services carried out a War Games exercise – which is similar in style to a “red team” engagement. This short series of posts aims to describe the experi…
Cognitive Intelligence: Empowering Security Analysts, Defeating Polymorphic Malware
Co-authored with: Jan Jusko, Harry Nayyar, and Danila Khikhlukha. In psychology, the term “cognition” refers to a human function that is involved in gaining knowledge and intelligence. It helps describe how people process information and how the treatment of this information may lead to various deci…
Streamlining Threat Investigations with AMP Unity
Preventing malware incidents is very much like preventing bad things from happening in our day-to-day life. We all take precautions every day (well, most of us do, anyway). Actions as simple as carrying an umbrella when rain is forecast, buckling a safety belt when driving, or using sunscreen whe…