Presentation is loading. Please wait.

Presentation is loading. Please wait.

1 © 1999, Cisco Systems, Inc. CRC-PSIRT Cisco PUBLIC Cisco Product Security Incident Response Product Security Incident Response Team

Published byAlyson Lynn Scott Modified over 9 years ago

Similar presentations

Presentation on theme: "1 © 1999, Cisco Systems, Inc. CRC-PSIRT Cisco PUBLIC Cisco Product Security Incident Response Product Security Incident Response Team"— Presentation transcript:

1 1 © 1999, Cisco Systems, Inc. CRC-PSIRT Cisco PUBLIC Cisco Product Security Incident Response Product Security Incident Response Team <psirt@cisco.com>

2 2 © 1999, Cisco Systems, Inc. CRC-PSIRT Cisco PUBLIC Product Security Incident Managers : Jim Duncan Lisa Napier Damir Rajnovic PSIRT Evangelist: Richard Aceves Serviceability Design Product Security Incident Managers : Jim Duncan Lisa Napier Damir Rajnovic PSIRT Evangelist: Richard Aceves Serviceability Design 2 © 1999, Cisco Systems, Inc. www.cisco.com Network Security Response 101

3 3 CRC-PSIRT © 1999, Cisco Systems, Inc. Cisco PUBLIC About PSIRT The PSIRT covers ALL Cisco products! (Not just security products) Handle customer’s security incidents Our service is free of charge Liaison member of FIRST (Infosec is the full member) One of the several groups which deals with security (some of the others are: Infosec, SecurityConsulting, SNS, Consulting)

4 4 CRC-PSIRT © 1999, Cisco Systems, Inc. Cisco PUBLIC Product Security Incident Manager Incident Manager is a member of the Escalation Team Responds to active attacks; mostly intrusions or denial-of-service (DoS) attacks Assists with computer and network forensics: analysis, packet traces, logs, second opinions Point-of-Contact for receiving and pursuing external reports of vulnerabilities in Cisco products Proactive work on new products and evaluation of existing ones

5 5 CRC-PSIRT © 1999, Cisco Systems, Inc. Cisco PUBLIC External Liaisons PSIRT members are active in US and EU area: FBI (EU) National Infrastructure Protection Center (US) Internet Crime Forum (UK) National Criminal Intelligence Service (UK) G8 Hi-Tech Crime Subcommittee Partnership for Critical Infrastructure Security (US)

6 6 CRC-PSIRT © 1999, Cisco Systems, Inc. Cisco PUBLIC Who Qualifies for PSIRT Help? Cisco products likely to be involved, but not required No maintenance contract required Case will be send to PSIRT if customer specifically asks The same if caller is identified as law enforcement officer or member of an incident response team Otherwise the normal queue process applies

7 7 CRC-PSIRT © 1999, Cisco Systems, Inc. Cisco PUBLIC Don’t Send This Stuff to PSIRT Proactive setup or general configuration questions Security policy or design questions Hypothetical questions Ordinary (non-security) bugs with Cisco products Lost enable passwords

8 8 CRC-PSIRT © 1999, Cisco Systems, Inc. Cisco PUBLIC Confidentiality Confidentiality is even more important for security incidents than ordinary cases Information leaks can hurt the customer and Cisco Minimize discussion to maintain confidentiality

9 9 CRC-PSIRT © 1999, Cisco Systems, Inc. Cisco PUBLIC Confidentiality (cont.) PSIRT uses its own tracking system which is separate from the rest of the company Only PSIRT members do have access to it Mailing list is closed with strictly controlled members Strict application of need-to-know rules for every information and issue which we are handling

10 10 CRC-PSIRT © 1999, Cisco Systems, Inc. Cisco PUBLIC Contacting PSIRT for non-emergency messages for emergencies +1 877 228 7302 (toll-free in North America) +1 408 525 6532 (elsewhere in the world) If no response, contact Incident Managers separately http://www-tac.cisco.com/Teams/PSIRT/psirt-members.html Fallback provided by PSIRT liaison members, Escalation Teams, and the TAC Manager on Duty

11 11 CRC-PSIRT © 1999, Cisco Systems, Inc. Cisco PUBLIC References PSIRT web page http://www.cisco.com/warp/public/707/sec_incident_response.s html Security Advisories and guides on CCO http://www.cisco.com/warp/public/707/advisory.html

Download ppt "1 © 1999, Cisco Systems, Inc. CRC-PSIRT Cisco PUBLIC Cisco Product Security Incident Response Product Security Incident Response Team"

Similar presentations

Identifying and Responding to Security Incidents in the Law Firm

Identifying and Responding to Security Incidents in the Law Firm
Philippine Cybercrime Efforts

Philippine Cybercrime Efforts
Computer Emergency Response Teams

Computer Emergency Response Teams
Copyright © 2014 American Water Works Association Water Sector Approach to Process Control System Security.

Copyright © 2014 American Water Works Association Water Sector Approach to Process Control System Security.
Planning for the Future Disaster Recovery Plan / Business Continuity Plan Jim Zukowski, Ed.D. Texas State Board of Dental Examiners 2006 Annual ConferenceAlexandria,

Planning for the Future Disaster Recovery Plan / Business Continuity Plan Jim Zukowski, Ed.D. Texas State Board of Dental Examiners 2006 Annual ConferenceAlexandria,
16254_08_2002 © 2002, Cisco Systems, Inc. All rights reserved. Cisco’s Security Vision Mario Mazzola Chief Development Officer August 29, 2002.

16254_08_2002 © 2002, Cisco Systems, Inc. All rights reserved. Cisco’s Security Vision Mario Mazzola Chief Development Officer August 29, 2002.
Security Controls – What Works

Security Controls – What Works
Chapter 7 HARDENING SERVERS.

Chapter 7 HARDENING SERVERS.
Cyberspace and the Police Mamoru TAKAHASHI Head of Computer Forensic Center, Hi-tech Crime Technology Division National Police Agency, Japan.

Cyberspace and the Police Mamoru TAKAHASHI Head of Computer Forensic Center, Hi-tech Crime Technology Division National Police Agency, Japan.
1 Case Study ESTABLISHING NATIONAL CERT By Saleem Al-Balooshi Etisalat - AE.

1 Case Study ESTABLISHING NATIONAL CERT By Saleem Al-Balooshi Etisalat - AE.
(Geneva, Switzerland, September 2014)

(Geneva, Switzerland, September 2014)
Computer Security Fundamentals

Computer Security Fundamentals
Lesson 10 – SECURING YOUR NETWORK Security devices Internal security External security Viruses and other malicious software OVERVIEW.

Lesson 10 – SECURING YOUR NETWORK Security devices Internal security External security Viruses and other malicious software OVERVIEW.
Developing a Security Policy Chapter 2. Learning Objectives Understand why a security policy is an important part of a firewall implementation Determine.

Developing a Security Policy Chapter 2. Learning Objectives Understand why a security policy is an important part of a firewall implementation Determine.
Citadel Security Software Presents Are you Vulnerable? Bill Diamond Senior Security Engineer

Citadel Security Software Presents Are you Vulnerable? Bill Diamond Senior Security Engineer
University of Missouri System 1 Security – Defending your Customers from Themselves StateNets Annual Meeting February, 2004.

University of Missouri System 1 Security – Defending your Customers from Themselves StateNets Annual Meeting February, 2004.
Network Security Monitoring By Bea Wilds CS 522 6 Dec 06.

Network Security Monitoring By Bea Wilds CS Dec 06.
PacNOG 6: Nadi, Fiji Dealing with DDoS Attacks Hervey Allen Network Startup Resource Center.

PacNOG 6: Nadi, Fiji Dealing with DDoS Attacks Hervey Allen Network Startup Resource Center.
 Southwest Florida Local Managed Services Company  Technicians throughout Florida, North Carolina, and New York  Knowledgeable Core Team  Certified.

 Southwest Florida Local Managed Services Company  Technicians throughout Florida, North Carolina, and New York  Knowledgeable Core Team  Certified.
1 Deployment of Computer Security in an Organization CE-408 Sir Syed University of Engineering & Technology 99-CE-282, 257 & 260.

1 Deployment of Computer Security in an Organization CE-408 Sir Syed University of Engineering & Technology 99-CE-282, 257 & 260.

Similar presentations

Ads by Google