NMSaaS Blog

Cisco provides a choice of ways to learn about the security vulnerabilities it reports. Users and administrators can check Cisco's security page. They can subscribe to a mailing list, an RSS feed, or a notification service. The most versatile option is the PSIRT OpenVuln API. It's lets organizations run applications to monitor and respond to vulnerabilities in customized ways. They can use existing applications or create their own.

In creating OpenVuln, Cisco is aiming not only to present information in more adaptable ways, but to encourage the development of open security automation standards.

OpenVuln lets a custom application get the latest information through a REST API. RESTful queries are equivalent to HTTP URLs, so an application can use Web-related code libraries to do much of the work. The information can come back in XML or JSON format, following five standards:

• CVE, Common Vulnerabilities and Exposures.

• CVSS, Common Vulnerability Scoring System.

• CVRF, Common Vulnerability Reporting Framework.

• OVAL, Open Vulnerability and Assessment Language (only for Cisco IOS advisories).

• CWE, Common Weakness Enumeration.

When it comes to a vulnerability check, many security teams are unsure of when and how often they should be auditing their devices. Fortunately, Cisco has conveniently included the PSIRT audit as part of their platform so users can easily compare recent notifications to their own inventory database and get a report of any affected devices in the network within minutes. Here are some of the signs that it's time to do just that:

For years Cisco has been an industry-leader in network infrastructure and security devices. One of the tools they use to stay ahead of their competition and ensure that their customers are protected from malicious behavior is the Cisco PSIRT Vulnerability Audit, which is a process by which the company tests and analyzes Cisco products and networks for potential security weaknesses. 

One of the questions we get quite a lot from our customers is related to upgrading and replacing older Cisco devices.  The questions usually takes the form of “When should I replace an older devices (even if it still works?) or “How do I know when a device should be targeted for replacement?”  While there are many possible answers to this question, one of the main pieces of information that should inform the decision is: At what stage in the announced product lifecycle are your current devices?

When we talk to Network Managers around the world and ask them what is the number 1 priority for your team this year we are hearing more and more the answer being “security”. 

This is a little bit of a departure from previous years when the most common responses were “Ensuring uptime”, “Reducing MTTR” and “Deploying new services”.   This may be because in the past security was mostly considered to be the domain of the server and application teams and/or a specialized security team. 

However, with the multitude of known (and unknown) attackers out there, security really must become a cross-team discipline with everyone being involved to a degree in ensuring the integrity of the IT estate.