Top Security Highlights from 2014

2014 has been a busy and exciting year for security at Cisco! The team has worked extremely hard to provide our customers with unmatched visibility, continuous control and advanced threat protection across the entire attack continuum.

Among many things, Cisco launched the first threat-focused Next Generation Firewall: Cisco ASA with FirePOWER Services. This solution delivers integrated threat defense across the entire attack continuum by combining proven ASA firewall with Sourcefire threat and advanced malware protection (AMP) in a single device. We also announced the integration of AMP into our Cisco Web and Email Security Appliances and Cloud Services, known as AMP Everywhere.

In April, Cisco announced its Managed Threat Defense Service. Instead of worrying about assessing the best technology options, retaining the right number of security experts, and constantly staying current with the changing threat landscape, you can now partner with a trusted advisor in a simple cost-effective way.

Another highlight of 2014 was the introduction of Cisco Talos, our team of renowned threat researchers. Talos has contributed a large amount of threat information to the Cisco Collective Security Intelligence ecosystem over the past year and has been recognized for uncovering major threats and vulnerabilities in the industry such as the Kyle and Stan malvertising network. 

Last but not least, in 2014 we welcomed Threatgrid and Neohapsis into the Cisco security family. Together, we are even better able to deliver leading security technologies and solutions for our customers.

With 2014 coming to an end, we pulled together a quick list to summarize some of this year’s leading security posts. Check out the list below and stay tuned for more great things to come in 2015!

Cisco Security Posts Highlights

 

Managed Threat Defense >> http://cs.co/2014_11
Bryan Palma announces Managed Threat Defense Service, which uses machine learning algorithms and predictive analytics to detect possible threats in real-time. Suspected incidents get immediately escalated to a trained Cisco Security Investigator in one of our global Security Operations Centers, where they validate the fidelity of the incident before partnering with the customer’s team to remediate.

 

Dynamic Detection of Malicious DDNS >> http://cs.co/2014_10
Levi Gundert analyzes and explores the role of DDNS in the context of cyber attack proliferation and presents the case for adding an operational play to the incident response and/or threat intelligence playbook to detect attack pre-cursors and attacks in progress.

RIG Exploit >> http://cs.co/2014_9
Cisco Talos observed high levels of traffic consistent with the “RIG” exploit kit in June. The exploit kit reportedly began being advertised on criminal forums in April, which coincided with when Cisco first began blocking this traffic on April 24^th.

OpenAppID >> http://cs.co/2014_8
In February, Cisco announced OpenAppID, an open, application-focused detection language and processing module for Snort that enables users to create, share, and implement application detection. OpenAppID puts control in the hands of users, allowing them to control application usage in their network environments and eliminating the risk that comes with waiting for vendors to issue updates.

Cisco Leads in Security Effectiveness >> http://cs.co/2014_7
NSS Labs released the final reports from its 2014 comparative NGFW testing, focusing on security effectiveness, total cost of ownership, performance and management. Classic FirePOWER appliances, such as the FirePOWER 8350 and the new Cisco ASA with FirePOWER Services, were included and scored equally well in testing, specifically in security efficacy.

Coordinated Website Compromise Campaigns >> http://cs.co/2014_6
In March, Cisco Talos observed a large malicious web redirect campaign affecting hundreds of websites. Attacks compromised legitimate websites, inserting JavaScript that redirects visitors to other compromised websites.

 

Snort 3.0 >> http://cs.co/2014_5
Martin Roesch announces the alpha release of Snort 3.0, significantly expanding the architecture and making it easier for people to learn and run Snort.

Kyle and Stan >> http://cs.co/2014_4
Cisco Talos uncovered a major malvertising network, Kyle and Stan, which was distributing sophisticated, mutating malware for Windows and Macs.

String of Paerls >> http://cs.co/2014_3
Cisco Talos uncovered and outlined a new attack known as the String of Paerls. This attack combined an extremely targeted spearphishing attack with an exploit attempt.

 

IE Zero Day >> http://cs.co/2014_2
Cisco Talos discusses the discovery of a new Internet Explorer zero-day exploit in this blog post. It underlines how exposed web browsers are to vulnerabilities for which a patch is yet to be released.

 

Introducing the Industry’s First Threat-Focused Next-Generation Firewall >> http://cs.co/2014_1

Scott Harrell announced Cisco ASA with FirePOWER Services - the industry’s first and only adaptive and threat-focused NGFW, designed to deliver on the three imperatives a NGFW must provide to protect modern enterprise networks — being visibility-driven, threat-focused, and platform-based.