For years Cisco has been an industry-leader in network infrastructure and security devices. One of the tools they use to stay ahead of their competition and ensure that their customers are protected from malicious behavior is the Cisco PSIRT Vulnerability Audit, which is a process by which the company tests and analyzes Cisco products and networks for potential security weaknesses.
What is PSIRT?
The Product Security Incident Response Team (PSIRT) is a dedicated, global team that manages the receipt, investigating, and public recording of security vulnerability information. The purpose of the team is to release the amount of information required to fix or workaround the issue without sharing any vital information that might create additional vulnerabilities.
So how do you act on the tools that you get from a Cisco PSIRT Vulnerability Audit?
Steps to Address a Vulnerability:
- Download the software update from Cisco. In most instances, the PSIRT will release a software update that addresses the vulnerability as soon as they have it. This is the quickest and easiest solution for you, but may be times when the update is not available and you need to act to protect your environment.
- Discover whether Cisco has already released a workaround for the vulnerability. As part of their on-going effort to make the Cisco PSIRT Vulnerability Audit an effective tool, Cisco often finds workarounds or other solutions for any vulnerable points that appear.
- Perform manual remediation if that is your only option. If Cisco does not have an update or workaround ready for your particular problem, you will need to take steps to manually remove the threat until a permanent solution is available. You will need to remove, disable or isolate the weak point immediately to minimize the ability of the problem to spread. Of course, you will have to be able to identify the source of the vulnerability. If you cannot locate and isolate the source, you may need to take the entire device offline until the issue can be resolved.
- Deploy patches and rescan. Do not assume that the steps you took above were sufficient until you have evidence that scans are clean and the vulnerability is fixed. Even if you were able to update the system to address the weakness, you want to see a scan report that verifies the fix was successful.
- Take advantage of automation tools. Unfortunately, threats from hackers seem to be growing every day. With so many potential attackers, personal testing or a passive approach is insufficient. Here at NMSaaS we provide automation software that scans your environment for weaknesses and vulnerabilities. Our software gathers information directly from each Cisco PSIRT Vulnerability Audit so that your network can be scanned immediately and a detailed, accurate report can be created. This is by far the most effective way to get the most up-to-date information so you can remain proactive.
- Participate in the Cisco CVRF community. While most Cisco PSIRT Vulnerability Audit releases do a good job of keeping their clients up to date and protected, you need to stay ahead of the hackers. If you are active in the Cisco Common Vulnerability Reporting Framework (CVRF) community and blog, you have a better chance of finding information and vulnerabilities as soon as possible, which will decrease your exposure and help you act rather than react.
The Cisco PSIRT Vulnerability Audit tool is a great resource for IT professionals, but you still have to do the work to stay on top of your network's security. As long as you stay vigilant and use all of the tools at your disposal, especially automated vulnerability scans and reports, you can keep your environment safe and secure.