We are the Juniper Networks Security Incident Response Team (SIRT) and we handle all aspects of possible security issues with Juniper products. Our team looks for them, accepts information about them, works to get bugs fixed, and publishes Juniper Security Advisories. We also participate in numerous security organizations like FIRST and ICASI.
From time to time, particularly with the current proliferation of “branded” vulnerabilities like Heartbleed, Shellshock, Ghost, and Logjam getting significant attention, it will be useful for SIRT to be able to quickly announce that we’re investigating or perhaps even that a popular issue doesn’t affect any of our products. This blog gives us the opportunity to put out statements from Juniper SIRT in real time.
SIRT also plans to use this blog to discuss the way we do certain things, or perhaps to discuss trends or standards in incident response. For example, in the near future we’ll be transitioning from using version 2 of the Common Vulnerability Scoring System (CVSS) to the newly released version 3. Look for a future blog post to discuss the differences and how they will impact our JSAs.