Cisco unveils AI-powered tools to enhance on-premises observability

Enterprise networking and security firm Cisco has announced a plethora of what it calls "industry-disrupting security innovations" across the Cisco Security Cloud, to both fuel and safeguard the AI revolution.

The company's recent acquisition of Splunk and the momentum of Cisco Hypershield have given rise to the latest powerful integrations. Just two months post-acquisition, Cisco and Splunk are enabling their customers to fast-track their journey towards the Security Operations Centre (SOC) of the future. This has given birth to the industry's first AI-native security architecture, providing the capacity to shield against both known and unknown attacks via Cisco Hypershield.

Jeetu Patel, Executive Vice President and General Manager for Security and Collaboration at Cisco, said, "At the RSA Conference last year, we delivered enhanced customer efficacy and economics through a true platform approach to security with the Cisco Security Cloud. Since then, our security momentum continues to accelerate. With zero to one innovation like Cisco Hypershield and strategic acquisitions like Splunk and Isovalent, the power of Cisco's security platform is supercharged and unmatched."

In addition to detecting and blocking unknown vulnerabilities with the use of Cisco Hypershield, Cisco is offering an answer to the upsurge of identity attacks with Cisco Duo. Simultaneously, it is reimagining the SOC with Splunk. This allows security analysts to react swiftly and make informed decisions using contextual insights and automated workflows.

By converging the platforms of Cisco and Splunk, they plan to introduce many additional opportunities to advance security operations. Among other features, the New Cloud Detection and Response Capabilities enabled by Cisco's Panoptica cloud native application protection platform (CNAPP) will use AI and ML to detect and alert security teams to emerging threats within cloud applications in real-time.

"Observability is key, and with its successful acquisition of Splunk, Cisco is poised to enhance its XDR solution launched one year ago, now adding AI, unified threat detection, investigation, response and transformation capabilities aimed at enhancing security operations," noted Will Townsend, VP & Principal Analyst at Moor Insights.

Cisco is also addressing the growing sophistication and complexity of threats in today's data centre attack landscape with a new approach. Cisco Hypershield is an innovative method of securing data centres and clouds, designed to protect against unknown vulnerabilities within runtime workload environments. Additionally, it has the ability to isolate suspected workloads to limit the blast radius of the vulnerability. This effort marks a significant leap forward in the realm of data centre and cloud security.

Moreover, in response to the rise in identity-based attacks, Cisco continues to evolve security solutions to deliver a simpler, more seamless user experience. Todd Thiemann, Senior Analyst at the Enterprise Strategy Group, noted, "Cisco Duo is advancing past its core access management functions, incorporating identity enrichment from Cisco Identity Intelligence and introducing a streamlined access experience with Duo Passport, leading to Continuous Identity Security, where access adapts in real-time to the associated risk."