|
05/18/2012 06:26 AM
|
|
The Missing Manual: CVRF 1.1 Part 2 of 2
|
Now it's time for some XML! Let's take what you've learned and manually convert the Cisco RVS4000 and WRVS4400N Web Management Interface Vulnerabilities security advisory into a CVRF document. Please note that this process is meant to be instructive and somewhat of a stream-of-consciousness-narrative of how to manually build your first CVRF document. It is expected that, by and large, this process would itself be automated and CVRF document producers would have in-house code to parse their own documents and emit CVRF.
|
|
05/16/2012 11:56 AM
|
|
The Missing Manual: CVRF 1.1 Part 1 of 2
|
In this post you will learn about some of the design decisions behind the 1.1 release of the Common Vulnerability Reporting Framework (CVRF). Particular attention is paid to explaining some of the required elements and the Product Tree. After those tasty tidbits, we will convert a recent Cisco security advisory into a well-formed and valid CVRF document. To close, you are treated to some of the items on the docket for future versions of CVRF.
|
|
05/15/2012 06:30 AM
|
|
Should IT Fear Mother’s Day?
|
This past weekend was Mother’s Day here in the United States, and being a mother of two high-tech savvy teenage [...]
|
|
05/09/2012 06:00 AM
|
|
Who are these Cisco Security Intelligence Engineers?
|
This article provides personal insight into a specialized role residing within Cisco's Applied Intelligence team, a team which was highlighted in the Network World feature article (page 3), “Inside Cisco Security Intelligence Operations.” The role is that of the Security Intelligence Engineer (SIE), a role which focuses on researching and producing actionable intelligence, vulnerability analysis, and threat validation that typically leads to providing answers and solutions to the challenges posed by these questions.
|
|
05/07/2012 06:30 AM
|
|
CSIRT Monitoring for Cisco House at the London 2012 Olympic Games
|
As part of CSIRT’s mobile monitoring offering for special events, we undertook monitoring of the corporate and customer traffic of [...]
|
|
04/25/2012 09:03 AM
|
|
Have You Hacked Yourself Lately?
|
This post stresses the need for organization to periodically and frequently perform testing of incident response policies, procedures, and plans prior to the "real thing" occurring on their networks.
|
|
04/19/2012 11:20 AM
|
|
Anatomy of a Data Breach: Part II
|
Even as the latest breach headline fades away, we all know there is another waiting in the wings. How can organizations protect themselves? There is no panacea for securing a payment environment, and implementing advanced technology alone will not make an organization compliant with the Payment Card Industry (PCI) Data Security Standard (DSS). The PCI DSS provides a solid foundation for a security strategy that covers payment and other types of data, but overall security does not begin and end with PCI compliance. Therefore, an organization’s security strategy should employ best practices and an architecture that will not only facilitate PCI compliance, but also help secure the cardholder environment, prevent identity theft, reliably protect brand image and assets, mitigate financial risk, and provide a secure foundation for new business services.
|
|
04/16/2012 11:52 AM
|
|
What is it Like to be a Cisco Security Analyst?
|
Security events, such as vulnerabilities and threats, that are detected globally continue to grow and evolve in scale, impact, diversity, and complexity. Compounded with this is the other side of the coin, the unreported or undetected events awaiting in the wings, hovering below the radar in a stealthy state. With all of the security technologies at our disposal, are they sufficient enough to provide effective protection? Well, it is certainly a good start when applied correctly. At a summary level, Cisco’s Security Intelligence Operations (SIO) approach to this challenge was covered in the Network World feature article, “Inside Cisco Security Intelligence Operations.” However, one of the core human elements, which I will introduce, that deserves closer attention is the role of security analyst. In addition, this article provides those of you with career interests some additional insight into working in the IT security field.
|
|
04/12/2012 05:30 AM
|
|
Anatomy of a Data Breach: Part 1
|
Last weekend was a typical one, nothing out of the ordinary: errands, science fairs, softball practice with the kids. However, [...]
|
|
04/06/2012 12:03 PM
|
|
JetBlue Pilot Incident and Expected Response?
|
In our weekly review call for the Cisco Cyber Risk Report for March 26-April 1, 2012 we discussed the incident of the JetBlue mid-air emergency incident. The incident has been widely reported, but a short summary is that the pilot was reportedly acting irrationally, which caused the co-pilot to lock him out of the cockpit and led to the crew and passengers having to subdue him until the aircraft could be landed and authorities removed the pilot. While the investigation of this incident continues, there have also been several of these types of incidents. A review of the incident raised several security questions with us over the incident response policies and procedures.
|
