Cisco plans to combine threat and risk-based vulnerability management as part of its SecureX platform thanks to technology by cyber security company Kenna Security, with which Cisco has struck a deal to acquire.
Headquartered in California, Kenna provides risk-based vulnerability management technology designed to enable organisations to work cross-functionally to rapidly identify, prioritise and remediate cyber risks.
Cisco hopes the acquisition and the integration of Kenna’s solutions into its own tech stack will help to transform the way security and IT teams collaborate to reduce the attack surface and the time it takes to detect and respond.
Specifically, Cisco Security will use Kenna’s technology to combine threat and risk-based vulnerability management as part of its cloud-based security platform SecureX, which was unveiled in early 2020.
Upon launch, the networking giant described the SecureX service as offering an open, cloud-native system that would let customers detect and remediate threats across Cisco and third-party products from a single interface. IT security teams could then automate and orchestrate security management across enterprise cloud, network and applications and end points.
The service also includes the latest security threat intelligence from Cisco Talos, letting customers hunt for new threats.
With Kenna’s technology, Cisco hopes to expand the platform experience and enable comprehensive scorecards for security controls and threat response performance.
"We have been on a journey to radically simplify security with Cisco SecureX," Gee Rittenhouse, senior vice president and general manager of Cisco’s Security Business Group (SBG), said in a blog post.
"But we know there is still more work to be done to fully realise our strategy of delivering radically simple security. When it comes to reducing vulnerabilities in an organisation’s environment, it is still a daunting task. There are too many alerts, and the lack of resources and prioritisation makes it unmanageable for security and IT teams.
"We believe a new approach that prioritises vulnerabilities based on threat intelligence and business impact in real time is needed," he added.
The integration of Kenna’s offering is expected to help Cisco customers prioritise vulnerabilities, speed and automate decision making with tailored information and accelerate response time for cyber readiness.
“Hybrid work is here to stay, and the increasing complexity of cyber security is our customers’ biggest challenge,” said Jeetu Patel, Cisco Security and Collaboration senior vice president and general manager. “We must radically simplify security to stay ahead of the evolving threat landscape.
“Our goal is to unify all critical control points into a single platform. With the addition of Kenna Security, we will fundamentally strengthen our platform experience by giving customers the ability to prioritise vulnerabilities based on a robust risk methodology that is tuned to their unique needs,” he added.
The acquisition is expected to close in Cisco’s fourth quarter of fiscal year 2021.