Cisco Systems made several significant security product updates at the RSA 2024 Conference, with a key development being the integration of its XDR platform with technology from Splunk, following Cisco’s acquisition of Splunk for $28 billion in March. This integration will enhance threat detection capabilities by allowing XDR to operate more effectively across various tools and environments. Splunk’s SIEM system will provide broader context for threat detection than XDR alone.
In addition, Cisco announced updates to its Hypershield architecture, adding features to detect and prevent attacks exploiting unknown vulnerabilities. By utilizing AI, Hypershield can identify attack patterns to protect against both known and unknown threats, providing enhanced cybersecurity.
Another update included enhancements to Duo Security, reducing the need for continuous authentication by tracking sessions at the operating system level, thus reducing MFA fatigue for users.
Cisco also introduced an AI Assistant for Security in XDR, empowering analysts with contextual insights, guided responses, recommended actions, and automated workflows to address evolving threats.
Splunk, a Cisco-owned company, unveiled its Splunk Asset and Risk Intelligence tool, designed to assist Security Operations Center (SOC) teams in improving visibility into security risks by aggregating data from various devices and environments. This tool provides an updated inventory of assets and identities, mapping relationships between them to accelerate security investigations and enhance compliance.
Overall, these updates aim to strengthen Cisco’s security offerings, providing advanced capabilities to detect, prevent, and respond to cybersecurity threats in real time. The integration with Splunk technology and the addition of AI-driven features enhance the effectiveness and efficiency of Cisco’s security solutions, ensuring optimal protection for organizations in an increasingly complex and sophisticated threat landscape.
Article Source
https://www.crn.com/news/security/2024/5-big-cisco-splunk-security-announcements-at-rsac-2024