It’s nearing the end of April and for the security industry, this means it’s time for the RSAC Conference. Over the next week or so, about 50,000 people will flock to the Moscone Center to take in the latest and greatest in cyber.
One company that has retooled much of its portfolio over the past year is Cisco Systems Inc. and it’s used RSAC to launch many new products. At the 2023 conference, the company introduced its extended detection and response solution and last year it added enhancements to Identity Intelligence with Duo, more capabilities with Cisco Hypershield and Splunk-Cisco integrations.
At RSAC 2025, Cisco continued its security binging with the following:
- Additional enhancements to Cisco XDR
- Cyber Vision industrial internet of things and operational technology integration with Hybrid Mesh Firewall.
- AI supply chain risk management — visibility into and control of the AI supply chain.
- A partnership to integrate Cisco’s AI defense capabilities into ServiceNow.
Here are details on each:
XDR 2.0 AI enhancements
Under Chief Product Officer Jeetu Patel (pictured), Cisco has been focused on bringing together the historically siloed security and infrastructure domains with a goal of providing better security outcomes while lower operating and capital expenses. It’s an ambitious goal, but the company is looking for AI to help achieve this. Adding to the complexity is that AI workloads introduce a whole new set of security challenges, particularly for the mid-market.
The value of XDR is that it can look across the entire attack surface – from network to endpoint to email and web but then identify the lateral movement of an attack, in near real time. The Cisco enhancements give it the ability to bring XDR to the mid-market, which hasn’t had access to it before.
XDR 2.0 uses AI is to close the gap between the bazillion alerts companies get to find the truly malicious ones and then take advantage of the automated response capabilities. Security teams can use agentic artificial intelligence to build a tailored investigation plan and then execute it. There is so much data being generated today that people can no longer analyze in manually, but AI can. In fact, one could look at AI as the missing piece to realize the promise of XDR.
Cyber Vision with Hybrid Mesh Firewall
Security for AI is also a component of Cisco’s Cyber Vision IoT and operational technology capabilities enhancements. Cyber Vision takes the asset inventory of the IoT endpoints, checks against any of the vulnerabilities that might be in place, organizes all these assets into groups and then the secure firewall is able to communicate seamlessly with this collection of IoT devises to enforce segmentation as well as firewall policies.
As Cisco brings more security into the fabric of the network with a Hybrid Mesh Firewall, it can read and understand feedback from Cyber Vision to make sure that it is automating least privileged controls to devices on a factory floor, as well as to users, whether they’re remote or in a branch office.
For Cisco customers, Security Cloud Control is the interface used to define policies and the intent behind them, and then enforce everywhere, where the application and workloads may be running — on firewall variants, on secure workload, on Hypershield, as well as secure access. Historically, Cisco has had good security tools, but the management was scattered across different systems. Under Patel, Tom Gillis and Raj Chopra, Cisco has done a much better job of simplify workflows to complement the products.
AI supply chain and risk management
AI supply chain and risk management are other areas in which Cisco is enhancing security. AI is being infused into every corporate application and business process and that creates new risks. As an example, downloading a model from a source such as Hugging Face creates risk, as the exposed models can be infected with malware.
Cisco has worked on all the artifacts around AI, not just the usage of AI, but how they are being built and modeled. Cisco has visibility into the entire supply chain around AI and can enforce the right kind of controls, be it on the endpoint of the developer or the usage of that particular application.
Partnership with ServiceNow
Cisco also announced a product and go-to-market partnership with ServiceNow to bring together Cisco’s AI risk and governance portfolio within ServiceNow in a hybrid model. Joint customers will realize the value of the partnership as they start to adopt AI more holistically. This spans a wide range of the use cases, whether it is the visibility of the application being used, the models, and the kinds of attacks they may be vulnerable to, including real-time protection.
Final thoughts
For Cisco, success in security is critical to accelerating growth. Security is a massive, highly fragmented market and even moderate success will move the needle on Cisco growth and stock price. Tying security to Cisco’s dominate share position in networking gives it a unique approach that is highly defensible.
Historically, Cisco has treated the domains as individual silos and created complexity for its customers. Much of the innovation in security for AI and AI for security has come by bringing these two worlds together – something long overdue for Cisco and its customers.
