Cisco software targets enterprise cloud security, risk assessment

Cisco is adding a security module to its observability platform that promises to help enterprises assess threat risks and protect cloud-based resources.

The Cisco Secure Application module, available now, is part of the vendor’s Full Stack Observability (FSO) platform, which is designed to correlate data from application, networking, infrastructure, security, and cloud domains to make it easier for customers to spot anomalies, preempt and address performance problems, and improve threat mitigation.

FSO is designed to make intelligent use of metrics, events, logs and traces. With it, organizations can consolidate to fewer tools, collect data from any source, correlate information, and enable AI-driven analysis to predict and prevent problems, Cisco said at the FSO launch event in June.  

Secure Application can combine data from multiple sources to generate a business risk score for applications or services that have a likelihood of exploitation and attacks. It’s designed to gauge the seriousness of vulnerabilities and prioritize which are most pressing. It gathers data from Cisco’s Kenna Risk Meter, business transaction details from Cisco AppDynamics, API details from its Panoptica software, and threat intelligence data from Talos, its security-research arm, according to Carlos Pereira, chief architect of the strategy, incubation & applications group at Cisco.

The module then works with another FSO module – Cloud Native Application Observability for application performance management – to help customers ensure apps are acting in alignment with end-user expectations. It offers indicators of the health and status of applications inside cloud-native elements such as containers, microservices, orchestration tools such as Kubernetes, Pereira said.

The idea is to help organizations more effectively secure cloud-native applications based on real-time vulnerability analytics and business risk observability, Pereira said.

“Cisco adds business context to security findings and brings together application performance data with security intelligence from Cisco’s own security products. This enables teams to rapidly locate, assess, and prioritize risk and remediate security issues based on potential business impact,” Pereira said.

“Cisco Secure Application helps organizations bring applications and security teams together to secure development and deployments of modern applications. Teams have expanded visibility and intelligent insights to prioritize and respond in real-time to revenue-impacting security risks and reduce overall organizational risk profiles,” Pereira said.

Protecting application security is a growing priority in the multicloud world. IDC recently predicted that the application protection and availability market will grow from $2.5 billion in 2021 to $5.7 billion by 2026.

“Applications are one aspect of the modern security architecture that has been overlooked in modern security frameworks,” IDC wrote in its most recent worldwide application protection and availability market forecast.

“Zero trust focuses on internal applications, while extended detection and response (XDR) solutions leverage telemetry from web application threats. For application protection and availability vendors, the strategy to integrate into these frameworks will drive greater customer value through improved time to detection,” IDC wrote.

According to IDC, the modern state of cybersecurity focuses on broad visibility combined with advanced analytics to detect threats. Identities, endpoints, networks, devices, and data all have a role to play. These sources are control points for detection and prevention of threats while contributing key telemetry and insights required to detect elusive or advanced attacks, IDC stated.

Cisco’s FSO platform includes a number of modules in addition to Secure Application and Cloud Native Application Observability. Others include:

• Cost Insights: Provides visibility and insights into application-level costs alongside performance metrics.
• Application Resource Optimizer: Provides visibility into cloud workload resource utilization.
• Business risk observability for cloud environments: Cisco Secure Application built on the Cisco FSO Platform helps organizations secure cloud native applications based on real time vulnerability analytics and business risk observability.
• Cisco AIOps: Offers a visual of data relevant to infrastructure, network, incidents, and performance of a business application.

Cisco’s FSO platform also integrates with a variety of third-party systems, including:

• Cloudfarix vSphere Observability and Data Modernization: This package monitors vSphere data and correlates it with Kubernetes and infrastructure data to generate insights and recommend actions across infrastructure and the containerized application stack.
• Evolutio Fintech: This financial technology application is designed to help customers draw business insights by monitoring KPIs based on data such as payments and credit card authorizations.
• Kanari Capacity Planner and Forecaster: This provides visibility into time series data associated with capacity planning and forecasted events along with risk factors that have been determined through predictive ML algorithms.