At RSA Conference 2025, Cisco introduces new AI-driven security features in XDR, open source tools for AI security, and a collaboration with ServiceNow to better support organizations in secure AI adoption.
At RSA Conference 2025, Cisco announces new security solutions that specifically address the risks and complexity of AI in business environments. The company expands its XDR platform with AI-driven features, launches open source security models, and deepens its collaboration with ServiceNow.
Expansion of Cisco XDR and Splunk
Cisco XDR gains new features that help detect and verify threats faster. The Instant Attack Verification feature uses agentic AI to automatically combine data from various sources such as Splunk, endpoints, and network traffic. This approach accelerates investigation and allows security teams to take automated countermeasures more quickly.
XDR Forensics is also expanded with more insight into endpoint activity, increasing the accuracy of incident analyses. Additionally, the new XDR Storyboard provides visual insight into complex attacks, with which Cisco aims to facilitate quick action.
Splunk, part of Cisco since last year, sees its portfolio grow with Splunk SOAR 6.4 and Enterprise Security 8.1, featuring improved detection of known and unknown threats. In combination with Cisco XDR, organizations can thus increase their visibility and response capabilities within the SOC.
Security for and through AI
Cisco also strengthens its focus on AI-related risks. In collaboration with ServiceNow, tools are being rolled out that help organizations deploy AI in a controlled and secure manner. The integration between the recently launched Cisco AI Defense and ServiceNow SecOps focuses on risk management and governance around AI.
Additionally, Cisco launches an open source model of Foundation AI. Behind that name is a team that emerged from the acquisition of Robust Intelligence. These experts now make available a reasoning model specifically developed for security applications. Cisco also offers benchmarks and tools to adapt these models to specific business needs.
Cisco continues its RSA launch marathon with a set of AI Supply Chain Risk Management configurations. These are designed to protect companies against risks that arise when downloading and using AI models from external sources, such as malware or license issues.
Industrial Networks
Finally, the company expands its Industrial Threat Defense solution with new integrations. Cisco Vulnerability Management and Splunk Asset and Risk Intelligence help prioritize OT risks. Cisco Secure Firewall automates network segmentation in industrial environments. The addition of the Splunk OT Security add-on to Splunk ES enables better detection of threats in both IT and OT domains.