Cisco starts spewing vuln info everywhere, in a good way

API lets you select Borg security data from a menu


Security folk will be able to suck down Cisco vulnerabilities notices in more ways than ever thanks to a new application programming interface launched today.

The Cisco security team's (PSIRT) openvuln plug is a RESTful API supporting standards like Common Vulnerability Reporting Framework (CVRF), Open Vulnerability and Assessment Language (OVAL), Common Vulnerability and Exposure (CVE) identifiers, and the Common Vulnerability Scoring System (CVSS).

Borg bod Omar Santos says the new API it will help admins to build more effective tools.

"In this case, it enables them to easily keep up with security vulnerability information specific to their network.

"That frees up more time for them to manage their network and deploy new capabilities in their infrastructure."

The API lets Borg assimilates to use OVAL definitions and CVRF data to create rules for internal automated network assessment.

Santos says it means the vulnerability evaluation process will be simpler and patch times reduced.

Excited security wonks can check out the respective Cisco API developer site. ®


Biting the hand that feeds IT © 1998–2020