At the RSA Conference 2025, on Tuesday, Cisco announced key innovations and partnerships to help security teams face the rising challenges of the AI era. The company introduced new capabilities in Cisco XDR and Splunk Security, a deeper partnership with ServiceNow, and the launch of Foundation AI.
According to Cisco’s upcoming 2025 Cybersecurity Readiness Index, 86% of organisations worldwide reported experiencing AI-related security incidents in the past year.
“To fight back, understaffed security operations and IT leaders need AI power of their own,” Jeetu Patel, executive vice president and chief product officer at Cisco said.
The company’s XDR has introduced new features designed to help security teams quickly detect and respond to threats. The new Instant Attack Verification tool uses agentic AI to automatically create and execute investigation plans by combining data from Splunk, networks, endpoints, and threat intelligence. It allows teams to confirm and counter attacks with greater confidence and speed.
Other enhancements include automated XDR Forensics, which enhances visibility into endpoint activity, and the XDR Storyboard, a feature that visualises complex attacks to help teams react more quickly.
In addition, Splunk Enterprise Security (ES) and Splunk SOAR 6.4 are being enhanced to provide improved visibility, enhanced detections, and automated workflows, thereby improving operational efficiency. Splunk SOAR 6.4 is now available, while Splunk Enterprise Security 8.1 is scheduled for release in June.
Expanding on its AI Defense efforts, Cisco announced a new partnership with ServiceNow to combine Cisco AI Defense with ServiceNow SecOps, enabling organisations to adopt AI securely and manage AI risks more effectively.
Cisco also launched Foundation AI, a team born from its acquisition of Robust Intelligence. The team introduced the first open-source reasoning model specifically built for security applications. Alongside the model, they will release novel benchmarks and tools designed to enhance AI resilience in cybersecurity environments.
The company introduced new AI Supply Chain Risk Management controls to secure AI application artefacts. These controls aim to detect and block threats such as malware hidden in AI model files or poisoned datasets from public repositories, ensuring companies can adopt AI technologies safely.
Recognising the growing threats to industrial environments, Cisco announced upgrades to its Industrial Threat Defense solution. Integrations with Cisco Vulnerability Management, Secure Firewall, and Splunk Asset and Risk Intelligence will help companies prioritise OT risks, automate network segmentation, and unify IT and OT security operations.
