Cisco Introduces AI-Powered Splunk Tools to Enhance SOC Security Efficiency
Cisco has announced the launch of two new editions of its Splunk Enterprise Security solution, which incorporate agentic artificial intelligence to enhance security operations and unify threat detection, investigation, and response workflows. The Splunk Enterprise Security Essentials Edition and Splunk Enterprise Security Premier Edition are now available as part of Splunk Enterprise Security 8.2. These solutions aim to simplify Security Operations Centre (SOC) practices and alleviate the complexities associated with threat response. By placing agentic AI at the core of the SOC, Cisco leverages artificial intelligence to manage routine analyses and respond more swiftly to security threats. The company asserts that these advancements enable AI agents to orchestrate and automate workflows, transforming manual tasks into proactive and autonomous security operations.
Mike Horn, Senior Vice President and General Manager for Splunk Security, emphasised the necessity for defenders to utilise every advantage, especially as adversaries adopt AI technologies. He stated that their security offerings unify detection, investigation, and response into a single, intuitive workspace, thereby eliminating tool fragmentation and significantly enhancing efficiency. Built-in AI capabilities can reduce alert noise and cut investigation time from hours to minutes, allowing every SOC to better prepare for advanced threats and empower analysts at all levels.
The Splunk Enterprise Security Premier Edition integrates various Cisco and Splunk capabilities, while the Essentials Edition includes Splunk Enterprise Security 8.2 and the Splunk AI Assistant.
Michelle Abraham, Research Director for Security and Trust at IDC, highlighted the growing complexity faced by security teams and the importance of integrating multiple security capabilities into a cohesive environment to streamline workflows and reduce risk.
Additionally, Cisco introduced new AI-powered features, such as the Triage Agent, which utilises artificial intelligence to assess and prioritise alerts, thereby alleviating analyst workloads and focusing attention on critical issues.