Where can I report Zero-day and other malicious programs to improve Web Security Appliance filters?

When scanning actively vulnerabilities on our network we meet sometimes emerging or other malware exploits that connect to the command and control on the Internet servers. Where can I report a URL command and control servers to Cisco to improve the Web Security Appliance for the entire community of Cisco?

Currently, we use only the black list feature in the WSA.

It would be more useful that these C & C sites have been blocked by the signatures of Cisco.

The Security Center, a self-service portal, offers a new option to check the reputation of URL, and/or submit URLs for review. All the presentations via the portal are usually reviewed within 24 hours.

  • Go to https://securityhub.cisco.com (authentication required)
  • Click on requests for URL reputation > Lookup or submit URLs
  • Enter the URL in the box provided (one per line)
  • Select Web Cloud security > Lookup > This will show you the current reputation for each URL (by example, if neutral is he not be blocked)
  • From there, you can submit the URL (s) for review by suggesting a different type (e.g. malicious if you think he should be blocked)

I hope this helps.

--

Sara

Tags: Cisco Security

Similar Questions

Maybe you are looking for