Cisco gives its Security Research Center a Makeover

Not many people realize that Cisco has been silently improving their security threat information site called The Cisco Security Center (www.cisco.com/security). I would also go out on a limb and guess that not many people ever knew Cisco provided free security research content. Bottom line is the site offers lots of excellent, and free, security content. A large percentage of the content comes from its IntelliShield business unit. Cisco IntelliShield is a paid, subscription service that provides all sorts of customized security reports. The good news is that many of the general reports are now being offered for free on the Security Center Website. So what cool reports are available on this site, well here are some examples:

  • Every Month a report that has Cisco’s response to the latest Microsoft Security Bulletin. This includes recommendations on how to use Cisco gear to thwart the threats. Everything from the exact Cisco IPS signature numbers to example code snipits for ACLs, NBAR, etc are provided when applicable. Check out the October one here http://tools.cisco.com/security/center/getDocument.x?id=634
  • Intellishield reports that provide in depth info on recently released vulnerabilities. These reports give details on things like the urgency(likely use), credibility, and Severity of a given vulnerability. Keep in mind that many of these reports are only available with the paid service but I’ve found that most of the big ones are provided free. Here is an example report http://tools.cisco.com/security/center/getDocument.x?id=633
  • IntelliShield Security Activity Reports are my favorite report type on the site. To describe these reports I’ll just quote from their website, “The IntelliShield Periodic Security Activity Report (PSAR) is a strategic intelligence product that highlights current security activity and mid- to long-range perspectives. The report addresses seven major risk management categories: vulnerability, physical, legal, trust, identity, human, and geopolitical. The PSARs are a result of collaborative efforts, information sharing, and collective security expertise of senior analysts from Cisco security services.” Here is an example, http://www.cisco.com/web/about/security/intelligence/PSAR_oct1-7.html
  • A complete listing and detail around the latest Cisco IPS Signatures available. This detail includes a description of the signature and threat, known benign triggers, links to related security reports, and the severity of the alarm. Here is an example, but it does require CCO login, http://tools.cisco.com/security/center/prsc/viewSignature.x?signatureId=5906&signatureSubId=0
  • All of the Cisco product security alerts, or PSIRTs, are listed on the site. Details of the vulnerability, as well as any viable workarounds, are provided. Here is an example, http://www.cisco.com/en/US/products/products_security_advisory09186a00808d72db.shtml

Take a look at the site and some of the reports available. What do you think of the content available? Anything missing that you’d like to see? The opinions and information presented here are my personal views not those of my employeer.

Copyright © 2007 IDG Communications, Inc.

The 10 most powerful companies in enterprise networking 2022