Streamline Threat Detection with Cisco XDR and Splunk Security
Security teams face overwhelming volume alerts every day, and often lack the resources to investigate and respond at scale. Cisco’s enhanced XDR solution integrates agent AI to correlate telemetry across networks, endpoints, cloud services, and email to represent the most critical threats. New features include instant attack verification, which uses spranco data and threat intelligence to automatically create and run investigation plans, allowing teams to validate incents and accelerate response times. Adding automated XDR forensics gives you deeper visibility into endpoint activity and improves the accuracy of your investigation. The new XDR Storyboard feature allows security teams to reduce the time it takes to quickly visualize, understand and respond to complex attacks. Complementing these updates, Splunk Enterprise Security and Splunk Soar 6.4 introduce enhanced detection accuracy, improved automation and increased network visibility. Organizations that integrate Cisco XDR with Splunk Solutions can build more efficient security operations centers that allow faster investigation and improved threat management.
Cisco broadens its AI security initiative
Based on the AI Defense Initiative, Cisco has announced several key measures to enhance AI security across the enterprise. This includes the launch of Foundation AI to develop open source security models and the new AI supply chain risk management controls. Foundation AI, a team formed through Cisco’s robust intelligence acquisition, has introduced the first inference model tailored to enhance security applications. Cisco plans to release benchmarks and building blocks to support real-world cybersecurity use cases. Additionally, AI supply chain risk management tools help organizations detect and block malicious or non-compliant AI model files before they enter the production environment, addressing threats such as addiction datasets and intellectual property risks.
Cisco and ServiceNow will deepen our partnership for AI risk management
Cisco and ServiceNow are expanding their collaboration to simplify AI risk management and governance. Enterprises plan to integrate Cisco AI defense with ServiceNow’s security operations platform to enable organizations to automate vulnerability assessments, increase visibility of AI applications, and improve real-time protection. Through this integration, organizations can streamline how they manage their AI assets internally, in third-party, and in unauthorized environments. Cisco AI Defense delivers telemetry and vulnerability insights directly to ServiceNow workflows, tailoring compliance teams targeting security, IT, and proactive AI security strategies. The first field trial is expected to begin soon, with wider availability planned for the second half of 2025.
Enhanced industrial IoT security
As digitalization expands into critical infrastructure and industrial environments, Cisco is expanding its cybersecurity solutions to better protect its operational technology (OT) environment. Cisco’s enhanced industrial threat defense is integrated with Cisco Cyber Vision, providing organizations with deeper risk prioritization through Cisco’s vulnerability management and Splunk Asset and risk intelligence. Additional integration with Cisco Secure Firewall and Splunk Enterprise Security improves automated network segmentation, integrated IT and OT visibility, and threat detection across operations and enterprise systems.
