Cisco tightens link between observability and security

Cisco has updated its full-stack observability platform with the latest version of Cisco Secure Application, designed to help IT departments secure development and deployment of cloud native applications

Cisco said the product connects business context with security findings, bringing together application performance data with security intelligence from Cisco’s existing security products. It also offers business risk observability, which Cisco said helps IT professionals locate, assess and prioritise risk and remediate application security issues based on potential business impact.

The latest release of Cisco Secure Application is being positioned as a tool to help customers to securely manage cloud-native applications in addition to hybrid applications. According to a recent Cisco study, 92% of global IT leaders admit that the rush to rapidly innovate and respond to the changing needs of customers has come at the expense of robust application security during software development.

This, said Cisco, means that organisations are at risk of IT vulnerabilities and threats, with larger attack surfaces and gaps in their application security layer caused by siloed teams both struggling to gain visibility and the right business context to prioritise vulnerabilities.

Mark Leary, research director at IDC, said: “The successful digital infrastructure must operate as a concert, not as a collection of separate products, providers and people. This requires all components – from core to edge, from network to applications, from on-premise systems to public cloud and communications services – to work as one to deliver the best digital experiences.” 

In a blog post discussing observability and security, Ronak Desai, senior vice-president and general manager, Cisco Full-Stack Observability and AppDynamics, discussed the need for organisations to have clear visibility of each new vulnerability and its insights to prioritise remediation based on their business impact.

In the blog, he quotes a Cisco survey, which reported that 93% of IT professionals believe that it is important to be able to contextualise security and correlate risk in relation to key areas such as the application, user and business, and in doing so, prioritise vulnerability fixes based on potential business impact.

He said: “An organisation’s ability to quickly assess risks based on potential business impact, align teams and triage threats is entirely dependent on understanding where vulnerabilities exist, the severity of those risks, the likelihood they will be exploited, and the risk to the business of each issue.”

The Cisco Full-Stack Observability Platform was launched at Cisco Live US in June 2023. It delivers what Cisco describes as “contextual, correlated, and predictive insights”. Cisco claims that the platform allows customers to resolve performance issues more quickly and optimise digital experiences, while minimising business risk.