Cisco unveils ‘Identity Intelligence'
Bron
: artikel integraal overgenomen van Siliconangle
Origineel auteur
: Duncan Riley
Cisco Systems Inc. today announced new advancements in its Cisco Security Cloud that simplify security with artificial intelligence and protect against identity-based attacks.
First up is Cisco Identity Intelligence, a new solution that Cisco claims is the industry’s first attempt to combines identity, networking and security. The company says the combination better protects organizations’ complex identity stacks against increasingly sophisticated attacker techniques.
Cisco argues that today, there is blind trust between authentication and access solutions and because of this, threat actors successfully compromised large organizations in 2023 by targeting these weaknesses. Last year, more than 26% of all Cisco Talos Incident Response engagements involved adversaries using compromised credentials on valid accounts.
The problem, as seen by Cisco, is that a user is often mapped to many digital identities and accounts — drastically increasing entry points for attackers and the possibility of lateral movement across identities. Often, legacy permissions have not been removed and security teams miss crucial context about historical identity behavior, actions across systems, and current risk levels needed to make trusted access decisions.
This is where the new Cisco Identity Intelligence solution steps in. It runs on top of customers’ existing identity stores and provides unified visibility, as well as AI-driven analytics.
Using the solution, customers can discover their whole identity population, clean up vulnerable accounts, eliminate unused and risky privileges, detect behavior anomalies and block high-risk access attempts – without needing to replace existing solutions.
Identity Intelligence is built on an identity graph that pulls data from existing third-party sources that manage identity and access. Using AI-driven behavioral analytics and reaching into the network, organizations can choose to take a graduated response, such as quarantining an identity, killing active sessions or isolating the network by leveraging the Cisco Identity Services Engine.
The solution provides critical insights from existing solutions, including Smart Authentication with Cisco Duo, which detects unusual patterns based on behavior and third-party signals. Smart Access with Cisco Secure Access is used to verify the authentication decision and block unusual or high-risk behaviors and Smart Threat Detection with Cisco XDR correlates identity signals to provide missing information that traditional endpoint and network security solutions miss.