/dqc/media/agency_attachments/3bO5lX4bneNNijz3HbB7.jpg)
Follow Us/dqc/media/media_files/2025/05/29/Y8LngKo7dbSrYksmfpKd.png)
Cisco Duo Identity and Access Management to Address Identity-Based Threats
Cisco has announced the launch of Duo Identity and Access Management (IAM), a new security solution to address the growing threat of identity-based cyberattacks. The company stated that the rise of AI-driven threats has intensified the focus on identity as a critical vector for attackers.
According to Cisco Talos Incident Response data for 2024, identity-based attacks account for 60% of cases handled. The company attributes this trend to gaps in existing identity protection solutions, which threat actors are increasingly targeting.
Features of Duo IAM Focusing on Identity-Based Threats
The Duo IAM solution integrates with Cisco’s existing multifactor authentication (MFA) capabilities. It is designed to help organizations enforce access controls, verify user identities, and support Zero Trust security models. The solution aims to secure identity workflows across hybrid and cloud environments.
Duo IAM is the latest development in Cisco’s broader security strategy, which includes a focus on zero-trust principles. The company has indicated that the solution is part of its ongoing efforts to simplify identity security and support secure user access.
Cisco has not disclosed specific timelines for the general availability of Duo IAM but noted that it will be integrated into its current security portfolio.
“The security industry is facing an 'identity crisis' as persistent identity-based attacks are among the most dangerous and costly challenges for security teams. Attackers don’t need to hack in when they can simply log in,” said Jeetu Patel, President and Chief Product Officer, at Cisco. “While identity is the foundation of strong security, traditional IAM solutions have failed to prioritize security despite increasingly sophisticated threats. With this massive innovation, Duo is moving beyond MFA and restoring trust in identity security with a fundamentally different approach that attackers hate and users love.”
Cisco Expands Identity Security Capabilities with Launch of Duo IAM
Cisco has introduced enhancements to its identity security portfolio with the release of Duo Identity and Access Management (IAM). The new offering is designed to help organizations address identity-based cybersecurity risks, which continue to increase as digital infrastructure grows in complexity.
According to Cisco’s 2025 Cybersecurity Readiness Index, nearly one-third of global organizations identified identity as their top cybersecurity concern. Cisco stated that existing IAM solutions often lack foundational security features, prompting the need for a purpose-built alternative.
Key Components of Duo IAM
Duo IAM enables centralized identity management across user directories, authentication services, and resource access. A newly introduced User Directory feature allows organizations to manage user data—such as usernames, email addresses, and roles—within a single platform.
The solution integrates with existing Duo capabilities, including multifactor authentication (MFA) and single sign-on (SSO), providing access to multiple applications through a unified login interface. According to Cisco, Duo IAM offers full lifecycle identity control while supporting both cloud and on-premises environments.
Third-Party Integration and Management Features
Duo IAM is designed to operate in open and hybrid environments. Its Identity Routing Engine supports integration with third-party identity providers. The engine can function as an identity broker or as a secondary provider, facilitating deployment alongside existing systems.
Cisco has also embedded the Cisco AI Assistant within Duo IAM to assist IT teams in deployment and configuration tasks. This integration is intended to simplify adoption and ongoing management.
Phishing Resistance Enhancements
With the increase in AI-driven phishing and account takeover attacks, Cisco has introduced new features to enhance Duo MFA. These include:
-
Complete Passwordless Authentication: Enables secure access without passwords.
-
Proximity Verification: Uses Bluetooth Low Energy (BLE) to confirm that user and access devices are physically near each other during authentication.
-
Session Theft Protection: Enhancements to Duo Passport remove reliance on browser cookies, offering stronger resistance to session hijacking.
Integrated Identity Intelligence
To address risks associated with fragmented identity infrastructures, Duo IAM integrates with Cisco Identity Intelligence. This system aggregates identity and access data across Cisco’s Security Cloud platform.
Through AI-based behavioural analysis and network-level telemetry, organizations can gain visibility into suspicious activity. Cisco stated that this enables automated responses, including session termination, identity quarantine, and network isolation.
The launch of Duo IAM aligns with Cisco’s broader Zero Trust security framework. The company continues to focus on developing integrated, policy-based access controls to mitigate identity-related threats and reduce attack surfaces across enterprise IT systems.
“Cisco Duo has been a trusted security partner when it comes to MFA, and in today's environment we're eager to use these new capabilities to fight growing identity-based attacks,” said Todd Perrault, SVP of Client Advisory, Optiv. “Duo's expanding suite of identity and access management solutions will deliver even stronger results for our customers with a security-first approach to identity while providing reduced friction for end users.”
“Identity breaches are no longer the exception—they're the rule. Seeing a trusted security brand like Duo broaden from access management to include identity management and provide a security-first approach in the market is both timely and refreshing,” said Todd Thiemann, Principal Analyst, Enterprise Strategy Group. “Duo's commitment to maximising security while minimizing user and admin friction is exactly what the industry needs. In particular, their approach to end-to-end phishing resistance marks a major leap forward, not just in security but also in ease of deployment, to combat the latest identity threats.”
Conclusion
With the introduction of Duo IAM, Cisco continues its efforts to respond to the evolving threat landscape, particularly the increased use of identity-based attack vectors. The solution aims to enhance the security posture of organisations managing access in complex IT environments.
Read More:
Navigating the Challenges of System Integration: Growth and Innovation
Navigating System Integration in the Digital Era: Overcoming the Challenges
Freshworks Partner Program: Insights into the Evolving Channel Ecosystem
New Relic Partner Program: Insights on the Enhancements with AI Integration