Cisco unveils AI assistant for enhanced cybersecurity in Security Cloud platform
by Duncan Riley · SiliconANGLECisco Systems Inc. today announced a new artificial intelligence assistant designed to enhance cybersecurity measures by providing advanced data analysis, policy recommendation and automated task management.
Called the Cisco AI Assistant for Security, the new service marks a major step in making AI pervasive in the Security Cloud, Cisco’s unified security platform, the company says. The AI Assistant helps customers make informed decisions, augment their tool capabilities and automate complex tasks.
The new service has been designed to address the issue wherein increased cyberattacks result in an increasing need for enhanced cybersecurity in organizations. Cisco has seen ransomware attacks continue to persist at a steady pace, making up 20% of Cisco Talos Incident Response engagements this year. The company has also observed an increase in sophisticated attacks on networking devices this past year, particularly by state-sponsored actors, requiring the adoption of machine-scale defenses.
AI Assistant for Security is trained on what is claimed to be one of the largest security-focused data sets in the world, which analyzes more than 550 billion security events daily across the web, email, endpoints, networks and applications. The assistant can understand event triage, impact and scope, root cause analysis and policy design, with an aim to close the gap between cybersecurity intent and outcomes.
Additional new products were announced today at the Cisco Live Conference in Melbourne, Australia, including firewall tools. The tools, released alongside the Cisco AI Assistant for Security, include AI Assistant for Firewall Policy and an AI-powered Encrypted Visibility Engine for All Firewall Models.
AI Assistant for Firewall Policy is designed to streamline the management and maintenance of firewall policies and rules. It allows administrators to use natural language to interact with the system to discover policies and obtain rule recommendations.
The new Encrypted Visibility Engine for All Firewall Models addresses the challenge of inspecting encrypted traffic. Part of Cisco’s 7.4.1 operating system and available across all Cisco Secure Firewall models, the feature leverages AI to detect potential malware within encrypted traffic without the need for decryption. It does so by using billions of samples, including sandboxed malware samples, to determine if encrypted traffic is transporting malware.
“To be an AI-first company, you must be a data-first company, ” Jeetu Patel, executive vice president and general manager of Security and Collaboration at Cisco, said ahead of the release. “With our extensive native telemetry, Cisco is uniquely positioned to deliver cybersecurity solutions that allow businesses to confidently operate at machine scale, augmenting what humans can do alone.”
Guest analyst Zeus Kerravala also provided an analysis of the announcements for SiliconANGLE.
.jpg){kind=link}