Black Hat doesn’t scare Cisco

VEGAS —  A couple of years ago Cisco fought Black Hat over a
presentation. This year there are at least three presentations that
deal with various Cisco vulnerabilities.

Does that worry Cisco?

at all according to Russell Smoak Director Technical Services for Cisco
Security Intelligence Engineering.  Smoak told me that all of the
presenters first disclosed their information to Cisco and Cisco has
been aware of and already patched any potential vulnerabilities months

Smoak did say that Cisco is always concerned about security
vulnerabilities but overall they’ve got a very good working
relationship with the security research community as well as other
vendors like Microsoft and even competitor Juniper Networks.

While some organizations might pay security researcher to disclose vulnerabilities, Cisco is not one of them

“No money changes hands with researchers,” Smoak said. “But we find other
ways to work together.”

Overall the real key for Cisco is about getting more best practices in
place at enterprises to protect and mitigate against vulnerabilities.

“I believe that  there are around 20  best practices that will really insulate you
against 95 percent of issues,” Smoak said.

News Around the Web