- The newest Echo Show 8 just hit its lowest price ever for Black Friday
- 기술 기업 노리는 북한의 가짜 IT 인력 캠페인··· 데이터 탈취도 주의해야
- 구글 클라우드, 구글 워크스페이스용 제미나이 사이드 패널에 한국어 지원 추가
- The best MagSafe accessories of 2024: Expert tested and reviewed
- Threads will show you more from accounts you follow now - like Bluesky already does
At RSA, Cisco unveils Splunk integrations, Hypershield upgrades
“And we don’t force the operator to leave their preferred security tool that their SOC is built around – it is the best of both worlds,” Shipley stated. “And for those organizations who are already Splunk ES users, the integration of Cisco XDR enables analytics on network, endpoint and cloud telemetry that were previously unavailable to them.”
In addition to the ES integration, Cisco’s XDR now adds Splunk’s Asset and Risk Intelligence package, which offers a constantly updated inventory of assets, such as devices, applications, cloud services and user identities, by correlating data across multiple sources within an organization. The idea is to offer customers proactive risk mitigation through continuous asset discovery and compliance monitoring, according to Splunk.
Cisco has also added an XDR AI Assistant to look over security information gathered by XDR and help customers coordinate and speed response decisions about evolving threats by tying together contextual insights, guided responses, recommended actions and automated workflows, Cisco stated.
Cisco bolsters Hypershield architecture, Duo software
Also at RSA, Cisco announced it has added the ability to detect and block attacks stemming from unknown vulnerabilities within runtime workload environments from its recently introduced Hypershield architecture. In addition, suspected workloads can be isolated to limit a vulnerability’s blast radius.
Hypershield basically implements a distributed security fabric that encompasses AI-based software, virtual machines, and other technology that Cisco says will ultimately be baked into core networking components, such as switches, routers or servers. The idea is that every network port can be made into a security policy-enforcement point, letting customers set security controls at the workload level and preventing lateral movement of threats, Cisco says.
In addition, Cisco its adding its Identity Intelligence technology to its Duo access-protection software. Cisco’s cloud-based Duo service helps protect organizations against cyber breaches by using adaptive multi-factor authentication (MFA) to verify the identity of users and the health of their devices before granting access to applications.