UPDATED 12:58 EDT / MAY 14 2021

SECURITY

In latest acquisition, Cisco buys vulnerability analytics startup Kenna Security

Announcing its third startup acquisition in a week, Cisco Systems Inc. today revealed plans to buy Kenna Security Inc., whose software helps enterprises fix security vulnerabilities in their systems. 

Kenna previously raised $98.3 million from investors including Citi Ventures. The startup counts the Bank of Hawaii Corp. and Deloitte Ltd among its customers.

By buying Kenna, Cisco will obtain the startup’s Kenna.VM software, which reduces companies’ attack surface by helping their cybersecurity teams prioritize their work more efficiently. In an enterprise with thousands of systems, there can be dozens of security issues at any given time, from minor configuration problems with a low risk of facilitating a breach to urgent exploits. Kenna’s software points out the most severe vulnerabilities so administrators can prioritize accordingly and fix them first.

The reason software is needed for the task is that prioritizing security weak points manually can often be impractical. In a big company, the sheer number of issues active at any time means that there’s a risk some severe exploits could go unnoticed.

There’s also the matter of what factors to consider when prioritizing threats. A minor issue affecting many systems isn’t necessarily as urgent as a more serious vulnerability affecting a single mission-critical application, which only adds to the complexity of prioritizing vulnerabilities manually.

Kenna’s software uses machine learning to rank security issues. Its algorithms draw on a database of more than 12 billion vulnerabilities, as well as information that the startup aggregates on hacker activity from threat intelligence feeds. After weighing different factors, Kenna’s algorithms assign a severity score to each issue ranging from 0 to 1,000 so administrators can easily identify the vulnerabilities that should be tackled first.

Cisco plans to pair the software with its SecureX product. SecureX provides a web dashboard that allows administrators to find potential breaches in their companies’ infrastructure. Using Kenna’s technology, SecureX will also be capable of surfacing vulnerabilities that haven’t yet been used by hackers but could lead to a breach in the future.

Cisco’s approach with SecureX of combining multiple security features in one product is a strategy that other market players are taking as well. CrowdStrike Holdings Inc.’s Falcon platform combines features for malware detection, breach investigation and tracking hacking campaigns. Other providers have taken the concept in other directions. Ayla Networks Inc., a recently funded startup, blends connected device security features with tools for handling day-to-day maintenance tasks such as updating device software.

Enabling administrators to perform multiple security tasks in one place reduces the need to switch between multiple interfaces, which boosts productivity.  

Cisco’s product strategy with SecureX seems to be paying off. On occasion of today’s acquisition news, the company disclosed that SecureX has been deployed by 7,000 customers since its launch last July.

Cisco’s cybersecurity group is its fastest-growing major business unit. Last quarter, the company’s total revenues fell slightly, but the cybersecurity group grew sales 10% year-over-year, to $822 million. Cisco has made multiple acquisitions over the last few years to expand the unit’s product portfolio.

The purchase of Kenna is the third acquisition announced by the company this week. On Thursday, Cisco said it’s buying virtual conference software provider Socio Labs Inc. A day earlier, the company revealed plans to acquire Sedona Systems Ltd., which provides a platform for monitoring the health of network infrastructure.

Image: Cisco

A message from John Furrier, co-founder of SiliconANGLE:

Your vote of support is important to us and it helps us keep the content FREE.

One click below supports our mission to provide free, deep, and relevant content.  

Join our community on YouTube

Join the community that includes more than 15,000 #CubeAlumni experts, including Amazon.com CEO Andy Jassy, Dell Technologies founder and CEO Michael Dell, Intel CEO Pat Gelsinger, and many more luminaries and experts.

“TheCUBE is an important partner to the industry. You guys really are a part of our events and we really appreciate you coming and I know people appreciate the content you create as well” – Andy Jassy

THANK YOU