Cisco announced a major expansion of its cybersecurity portfolio at RSA Conference 2025, introducing new products, enhancements, and partnerships aimed at securing AI-driven enterprises. As companies worldwide face escalating cyber threats—often fueled by AI—Cisco revealed major updates to its XDR platform, new advancements from Splunk Security, a deeper partnership with ServiceNow for AI risk management, and the launch of Foundation AI, an initiative focused on open-source security models. Cisco’s new innovations are designed to help security operations centers (SOCs) become faster, more decisive, and more resilient in the AI era, addressing a critical talent shortage and growing attack complexity.
Cisco introduced groundbreaking agentic AI capabilities within Cisco XDR, such as Instant Attack Verification, automated XDR Forensics, and the XDR Storyboard visualization tool. These upgrades enable faster and clearer threat detection and incident response by automating investigation plans and providing deep insights across network, endpoint, cloud, and email telemetry. The company also enhanced Splunk Enterprise Security and Splunk SOAR 6.4 to deliver greater visibility, integrated automation, and higher accuracy for threat detection. Meanwhile, the launch of Foundation AI introduced the world’s first open-source reasoning model purpose-built for security, alongside new benchmarks and tools to assess and strengthen cybersecurity models in real-world applications.
Additionally, Cisco debuted new AI Supply Chain Risk Management capabilities to safeguard enterprises from emerging threats in open-source AI model repositories, addressing vulnerabilities like malware and poisoned datasets. The company also expanded its Industrial IoT security solutions by integrating Cisco Cyber Vision with Cisco Vulnerability Management, Secure Firewall, and Splunk’s OT Security tools. Through its reinforced partnership with ServiceNow, Cisco is aligning AI Defense capabilities with ServiceNow SecOps, providing organizations with a unified approach to managing AI risk and governance. Together, these initiatives mark a major step forward for Cisco’s vision of a secure, AI-powered future.
- Cisco XDR Enhancements:
- Instant Attack Verification: Agentic AI automatically creates and executes investigation plans based on telemetry from endpoints, networks, and threat intelligence.
- Automated XDR Forensics: Deeper visibility into endpoint activity to enhance the accuracy of investigations.
- XDR Storyboard: New visual tool to quickly understand complex attacks and respond faster.
- Splunk Security Updates:
- Splunk SOAR 6.4 now generally available.
- Splunk Enterprise Security 8.1 launching in June.
- Deeper integration with Cisco XDR for improved network visibility and threat detection.
- Foundation AI Launch:
- Released the first open-source reasoning model tailored for cybersecurity applications.
- Introduced new cybersecurity benchmarks and tools for evaluating AI models in real-world security use cases.
- Focused on democratizing AI security and encouraging collaboration between cybersecurity teams and machine learning experts.
- ServiceNow Partnership Expansion:
- New integration between Cisco AI Defense and ServiceNow SecOps for comprehensive AI risk management and governance.
- AI Supply Chain Risk Management Tools:
- Detects and blocks malicious or non-compliant AI model files before they enter enterprise environments.
- Enforces policies against AI models from prohibited suppliers and addresses risks related to open-source software licenses.
- Industrial IoT Security Enhancements:
- Cisco Cyber Vision now integrates with Cisco Vulnerability Management and Splunk Asset and Risk Intelligence.
- New capabilities to automate industrial network segmentation and unify IT/OT security visibility within the SOC.
“The cybersecurity threat landscape has never been more dynamic and complex, with adversaries constantly emboldened and enabled by AI to drive new attacks,” said Jeetu Patel, Executive Vice President and Chief Product Officer at Cisco. “With today’s announcements, Cisco is securing AI and leveraging AI for security, delivering innovation that levels the playing field for all businesses, whether defending IT, OT, or cloud environments.”
