What's this all about??

Free publicity and willingness to fix their sh!t.

Every software product has bugs, lots of them. When you hear a lot of bug warnings and fixes it means that the discovery and fix process works. You should be scared about those that have no warnings or reports because it’s a shitshow.

"Cisco is not aware of any exploits.". Because Cisco operates the largest and most accurate security monitoring org in the world thru Talos, and contributes a majority of the industry's threat identification - including attacking and testing their own products and finding issues their developers left just like every other vendor has - they just find, fix, and publish them. What most industry products ship with for security are baseline snort modules which were actually open sourced by Talos - the security threats that are recent are live in Cisco products due to the investments made in finding these issues. It is why security lag time is 2 hrs on Cisco vs 100 days as industry average. And Cisco makes mistakes like everyone else - but we fix and publish them more regularly than other vendors too because customer sat and security are number one goal. It's a hard culture for many to understand when you aren't in it, but I encourage everyone to try a rotation and experience it first hand!