Cisco has strengthened some of its key security software packages with an eye toward better protecting distributed enterprise resources.
Specifically, Cisco added more intelligence to its Duo access-protection software and introduced a new application called Business Risk Observability that can help enterprises measure the impact of security risks on their core applications. The company also enhanced its SASE offering by expanding its SD-WAN integration options.
The cloud-based Duo service helps protect organizations against cyber breaches by using adaptive multi-factor authentication (MFA) to verify the identity of users and the health of their devices before granting access to applications.
Cisco paid $2.35 billion in 2018 for Duo and has been enhancing and expanding its use across its product line. Most recently, Cisco rolled out Duo Passwordless Authentication with support for biometric authentication, including Microsoft Windows and Apple Macs. Passwordless authentication is aimed at reducing the risk of phishing attacks and their ability to utilize stolen passwords as well as addressing MFA fatigue.
With that in mind, the Duo service now also supports features called Remembered Devices and Wi-Fi Fingerprint that allow users to avoid repeated authentications as they move from application to application in trusted operations. Another new feature, called Verified Push, enables Duo to recognize behavior from known attack patterns and require the user to enter a code instead of just pushing a button to confirm.
Using MFA fatigue as an attack vector has led to some high profile breaches, said Tom Gillis, senior vice president and general manager of security at Cisco. “Attackers have built an attack that will look like an MFA request on your phone, but it's actually a way to get into the network,” he said. “So rather than have users mindlessly clicking through MFA requests, we have added the ability to intelligently and selectively let customers set a security policy that reduces that possibility.”
Cisco’s new Business Risk Observability application is designed to help IT teams gauge the seriousness of vulnerabilities and prioritize which are most pressing to address.
The application combines data from multiple sources – score distribution data from Cisco’s Kenna Risk Meter, business transaction details from Cisco AppDynamics, API details from its Panoptica software, and threat intelligence data from Talos – to generate a business risk score for applications or services that have a high likelihood of exploitation, Gillis said.
“If customers have 100 vulnerabilities across their network, they don’t want to hear that they need to patch them all because that just doesn’t happen – they need to know which ones to prioritize and that’s what Business Risk does,” Gillis said. “It gives customers a better understanding of the risk of problems and the business impact of fixing them.”
The Business Risk Observability application, available now, is part of Cisco’s emerging Full-Stack Observability architecture. The broader platform employs a variety of technologies, including OpenTelemetry, to offer applications and services that correlate network and application data across multiple domains to help customers analyze software performance and behavior using AI and ML techniques.
Cisco's AppDynamics Cloud application-monitoring service uses OpenTelemetry, and additional applications will be added to the Full-Stack Observability architecture in the future, Cisco says.
For example, Cisco will be unveiling deeper, bi-directional integration between AppDynamics and Cisco’s ThousandEyes digital-experience monitoring software. The tighter integration will enable correlation of business issues across application transactions and their dependencies, end-user experiences, the network path and internet routing, according to Liz Centoni, Cisco’s chief strategy officer and general manager, applications.
Contact Person: Ms. Vicky Tian
Tel: +86 19860146913
Fax: 86-0755-82552969