In addition to announcing your new agreement with Servicenow, Cisco He has taken advantage of the RSA Security Conference, held a few days ago in San Francisco, to present several novelties in safety related to AI and business. Among them are Cisco XDR and improvements for Splunk Security.
The first is designed to facilitate the work to the security teams of the companies, in relation to the thousands of alerts of threats they receive daily. Cisco XDR is responsible for the management of this matter by correlation of telemetry on the network, terminals, cloud or email, among other environments. Cisco XDR integrates various new functions to allow answers based on AI that allow to detect attacks faster.
As for Splunk Security, the new instantaneous verification of attacks integrates data from the Splunk platform, as well as terminals, networks or intelligence, among other sources. In addition, it uses agricultural to create and execute personalized research plans. This function investigates and forms threats, and allows security equipment to automate answers to stop attacks.
In addition, the new automated forensic analysis capabilities of XDR offer visibility of the activity of the terminals with more depth, which allows to increase the accuracy of the investigations. And the new XDR Storyboard clearly visualizes complex attacks, which facilitates rapid understanding of threats, to improve the answer.
Splunk Enterprise Security (ES) y Splunk SOAR 6.4 They improve defenses against known and unknown threats. Both offer more visibility, precision in integrated and automated work detections and flows to increase efficiency. Splunk Soar 6.4 is now available, while Splunk Enterprise Security 8.1 will arrive in June.
In the Security section for AI, and IA for Security, Cisco has presented its new Foundation AI team, composed of experts in AI and Security, formed from the purchase of Robust Intelligence. This team has just launched its first open source reasoning model designed specifically to improve security applications.
It will also present new reference points to evaluate cybersecuriadd models in real cases, as well as additional basic tools and components that will be used to adapt the models. These models and tools will promote collaboration between security experts and Machine Learning engineers, in addition to offering a base infrastructure to cybersecurity equipment.
On the other hand, Cisco has also announced a new package of safety controls for risk management of the AI supply chain. With them, customers will have more protection functions, and includes identification and blocking of malicious AI models before entering the company’s network.
Also the automatic detection and blockage of AI model files with open source software licenses that represent risks of regulatory property and compliance, and the identification and application of AI models coming from not allowed suppliers.
In the field of security for IoT, Cisco has announced New integrations with Cisco Cyber Visionthat improve your solution Industrial Threat Defense and expand the safety of IT to industrial environments. They include Cisco Vulnerability Management and Splunk Asset and Risk Intelligence to prioritize OT risks, Cisco Secure Firewall to automate the segmentation of the industrial network and improve the protection of operations, and the complement Splunk OT Security en Splunk ES to unify the visibility of IT and OT within soc and help detect threats that go through domains to protect multinationals.
