What is a Cisco PSIRT? Cisco Product Security Incident Response Team

Cisco PSIRT (Cisco Product Security Incident Response Team) is a dedicated global team which is responsible for managing and responding to security incidents including reporting, investigations within Cisco products and networks.

Security incidents are key concerns for organizations across the world. Effective management of security vulnerabilities calls for a well well-structured Security Incident Response Team (SIRT) to manage cyber incidents proactively. There are different ways enterprises handle security incident responses.

Certain enterprises had their own security incident response teams to manage and handle incidents. Medium or small organizations may opt for outsourcing security incident management.

In today’s article we will understand about the Cisco Product Security Incident Response Team (PSIRT) team, how it functions, and its key characteristics. 

Cisco PSIRT

The technologies are evolving very fast and the number of products, packages and connected devices are growing exponentially. Customers are demanding more transparency in disclosure of security vulnerabilities. Security vulnerability disclosure and remediation both cause impact on services availability hence the customers expect vendors to ensure their products have minimum or no vulnerabilities. 

The Cisco Product Security Incident Response Team (PSIRT) is a global, dedicated team which receives, investigates and publishes security vulnerability information globally on Cisco products and networks. This team is quite old and has been supporting its customers for almost 30 years and it is ISO/IEC 29147:2014 compliant for vulnerability disclosure and the only team within Cisco authorized for disclosure of vulnerability related information.

Cisco PSIRT protects customers by managing security vulnerabilities and provides transparency on actions. PSIRT performs investigations, coordinates on product assessments, and releases security advisories and fixes / patches.

This team handles security vulnerabilities across proprietary code and third party software components used in Cisco products portfolio.  The security advisories are published using Cisco PSIRT OpenVuln API which provides machine readable security data. PSIRT team works with security researchers and security experts while investigating and in disclosure of vulnerabilities. 

How Cisco PSIRT works

• Security incident is notified to Cisco PSIRT 

• PSIRT decides incident priority and identifies the resources

• PSIRT coordinates with product assessment teams for fixes

• PSIRT notified customers and public accordingly 

Characteristics of Cisco PSIRT 

• It is established as per industry standard and follows standard policies, processes, rules and scoring systems
• It is a mature team structure which uniformly applies all processes consistently across cisco portfolio of products 
• It has dedicated support for product and network protection
• Quick assignment of CVE IDs for discovered vulnerabilities
• Public disclosure of internal and external vulnerabilities 

Related FAQs

ABOUT THE AUTHOR

Rashmi Bhardwaj

Founder of AAR TECHNOSOLUTIONS, Rashmi is an evangelist for IT and technology. With more than 12 years in the IT ecosystem, she has been supporting multi domain functions across IT & consultancy services, in addition to Technical content making.

You can learn more about her on her linkedin profile – Rashmi Bhardwaj