- How to Become a Chief Information Officer: CIO Cheat Sheet
- 3 handy upgrades in MacOS 15.1 - especially if AI isn't your thing (like me)
- Your Android device is vulnerable to attack and Google's fix is imminent
- Microsoft's Copilot AI is coming to your Office apps - whether you like it or not
- How to track US election results on your iPhone, iPad or Apple Watch
At RSA, Cisco unveils Splunk integrations, Hypershield upgrades
“And we don’t force the operator to leave their preferred security tool that their SOC is built around – it is the best of both worlds,” Shipley stated. “And for those organizations who are already Splunk ES users, the integration of Cisco XDR enables analytics on network, endpoint and cloud telemetry that were previously unavailable to them.”
In addition to the ES integration, Cisco’s XDR now adds Splunk’s Asset and Risk Intelligence package, which offers a constantly updated inventory of assets, such as devices, applications, cloud services and user identities, by correlating data across multiple sources within an organization. The idea is to offer customers proactive risk mitigation through continuous asset discovery and compliance monitoring, according to Splunk.
Cisco has also added an XDR AI Assistant to look over security information gathered by XDR and help customers coordinate and speed response decisions about evolving threats by tying together contextual insights, guided responses, recommended actions and automated workflows, Cisco stated.
Cisco bolsters Hypershield architecture, Duo software
Also at RSA, Cisco announced it has added the ability to detect and block attacks stemming from unknown vulnerabilities within runtime workload environments from its recently introduced Hypershield architecture. In addition, suspected workloads can be isolated to limit a vulnerability’s blast radius.
Hypershield basically implements a distributed security fabric that encompasses AI-based software, virtual machines, and other technology that Cisco says will ultimately be baked into core networking components, such as switches, routers or servers. The idea is that every network port can be made into a security policy-enforcement point, letting customers set security controls at the workload level and preventing lateral movement of threats, Cisco says.
In addition, Cisco its adding its Identity Intelligence technology to its Duo access-protection software. Cisco’s cloud-based Duo service helps protect organizations against cyber breaches by using adaptive multi-factor authentication (MFA) to verify the identity of users and the health of their devices before granting access to applications.