Cisco Enhances AI Protection in Security Cloud

Cisco announced updates to the Cisco Security Cloud. These updates introduce new capabilities to its unified, AI-driven security platform.

DQC Bureau

Cisco, a company in the networking and security sector, has announced updates to the Cisco Security Cloud. These updates introduce new capabilities to its unified, AI-driven security platform. The platform aims to improve the protection of applications, devices, users, and data. It also seeks to help companies detect, respond to, and recover from security incidents more efficiently.


The company highlights the challenges of securing the modern digital environment, which is widely distributed and complex. The difficulty is compounded by the increasing sophistication of attacks and a global shortage of cybersecurity professionals, as the 2024 Cisco Cybersecurity Readiness Index reported. Nearly 90 percent of companies acknowledge this shortage as a pressing concern. Cisco suggests that organizations integrate AI into their security strategies to address these challenges effectively.

“At the RSA Conference last year, we delivered enhanced customer efficacy and economics through a platform approach to security with the Cisco Security Cloud. By minimizing point-solutions, customers have end-to-end visibility, intelligence and automation with AI, and simplified management with Cisco’s unified security infrastructure,” said Jeetu Patel, Executive Vice President and General Manager for Security and Collaboration at Cisco. “Since then, our security momentum has continued to accelerate. With ‘zero to one’ innovation like Cisco Hypershield and strategic acquisitions like Splunk and Isovalent, the power of Cisco’s security platform is supercharged and unmatched.” 

Cisco has introduced measures to assist customers in defending against cyber threats by enhancing detection and blocking capabilities through Cisco Hypershield. Additionally, Cisco Duo is being utilized to address identity attacks. The company is also collaborating with Splunk to improve the efficiency of security operations centers (SOCs) by providing tools for informed decision-making.


Key developments include:

  • Integration of Cisco Extended Detection & Response (XDR) with Splunk Enterprise Security (ES), allowing for the transfer of high-fidelity alerts and detections to accelerate investigation and remediation processes.
  • Introduction of Splunk Asset and Risk Intelligence to enhance proactive risk mitigation through continuous asset discovery and compliance monitoring.
  • Deployment of Cisco AI Assistant for Security within Cisco XDR, designed to aid security analysts in responding to threats with contextual insights and automated workflows.
  • Enhancement of cloud detection and response capabilities with Cisco’s Panoptica platform, which employs AI and ML to alert security teams to threats in cloud applications, and GenAI Dynamic Remediation for quick issue resolution.

These initiatives are part of Cisco’s strategy to advance the capabilities of SOCs and improve organizational resilience against cyber threats.


“The XDR market is broad, one that includes many companies that promise to deliver a more complete view of the security stack beyond the endpoint. In doing so, XDR aims to detect cybersecurity threats across multiple domains,” said Will Townsend, VP & Principal Analyst, Moor Insights. “Observability is key, and with its successful acquisition of Splunk, Cisco is poised to enhance its XDR solution launched one year ago, now adding AI, unified threat detection, investigation, response and transformation capabilities aimed at enhancing security operations.”

"At Optiv, we provide solutions with an integrated approach that spans the entirety of their cybersecurity journey, all with a focus on accelerating their business outcomes," said John Hurley, Chief Revenue Officer, Optiv. "Cisco's integrated AI-driven platform, the Cisco Security Cloud, is a solution that helps reduce complexity. The integration of Cisco XDR and Splunk Enterprise Security will enable our clients to operate efficiently while making informed decisions on how to bolster their cyber resiliency."

Cisco has updated its Hypershield service to address both known and unknown vulnerabilities in data centers. The service, which was introduced last month, now includes detection and isolation features for runtime workload environments to prevent the spread of potential threats.


Hypershield is designed to secure data centers and cloud environments, safeguarding applications, devices, and data in various locations. It utilizes artificial intelligence to enhance security measures beyond traditional human capabilities.

In addition to Hypershield, Cisco is focusing on identity security with its Duo service. The goal is to ensure continuous verification of user actions without hindering their experience. Duo Passport has been introduced to reduce the need for repeated authentication, and Cisco Identity Intelligence in Duo uses AI analytics to evaluate and manage identity risks.

These updates are part of Cisco’s efforts to improve security in the face of evolving cyber threats and the increasing reliance on digital infrastructure.


“Cisco Duo is advancing past its core access management functions, incorporating identity enrichment from Cisco Identity Intelligence and introducing Duo Passport,” said Todd Thiemann, Senior Analyst, Enterprise Strategy Group. “This evolution leads to Continuous Identity Security, where access adapts in real-time to the associated risk, crucial in today's threat landscape where identity-based attacks are on the rise Cisco Duo's commitment to dynamic response to risk.”
