

Cisco Systems Inc. today introduced a slate of new security innovations at the annual RSAC Conference 2025 in San Francisco that are focused on helping enterprises navigate artificial intelligence threats and scale up AI adoption security.
The new releases from Cisco are aimed at providing assistance with what the company describes as an “increasingly sophisticated threat landscape” made worse by an expanding talent shortage that results in the need for machine-scale security and response. According to a soon-to-be-published report from Cisco, companies worldwide underestimate the complexities of securing AI, with 86% saying their organizations have experienced AI-related security incidents in the past 12 months.
Cisco’s announcements today are part of its commitment to developing capabilities for customers through ecosystem partnerships and for the broader community through open-source security models and tooling.
“Cisco is continuing its mission to secure AI and leverage AI for security with novel open source models and tools, new AI agents and IoT advancements, alongside the full breadth of the Cisco Security Cloud,” said Jeetu Patel, executive vice president and chief product officer at Cisco. “Together, these innovations will help level the playing field and deliver AI innovation that makes all businesses more secure.”
Leading the list of announcements is improved threat detection and response with Cisco XDR and Splunk Security. The new Cisco XDR enhancements focus on reducing the noise for security teams by correlating telemetry across networks, endpoints, cloud environments and email systems.
A new feature called Instant Attack Verification uses agentic AI to automatically create and execute tailored investigation plans, allowing teams to swiftly identify, confirm and respond to real threats. The improvements are aimed at helping organizations respond to incidents faster and with greater confidence.
Complementing the upgrades, Cisco also unveiled new automated XDR Forensics capabilities that deliver deeper visibility into endpoint activities. The capabilities enhance investigation accuracy by uncovering hidden patterns of malicious behavior. Additionally, a new XDR Storyboard visualization tool allows security teams to understand complex attack scenarios within seconds, expediting the response process.
The RSA announcements also included new functionality for Splunk, the security company acquired by Cisco in March 2024. Splunk Enterprise Security 8.1, set for release in June, will bring improved visibility and integrated workflows, while Splunk SOAR 6.4, available now, automates and accelerates threat detection and response. Combined with Cisco XDR, organizations will be able to build a security operations center that leverages AI to boost productivity and resilience.
Building on its AI Defense initiative, Cisco also today announced deepened collaboration with ServiceNow Inc. to streamline AI governance and risk management. The first integration will combine Cisco AI Defense with ServiceNow’s SecOps platform, offering organizations a more unified view of AI risks and improved mechanisms to enforce security policies across AI deployments. The partnership reflects a growing industry trend toward consolidated cybersecurity ecosystems to meet the challenges of the AI era.
Another announcement today, the Cisco Foundation AI initiative, which was formed following Cisco’s acquisition of Robust Intelligence Inc. in August, is the release of the first open-source reasoning model specifically designed to enhance security applications. The Foundation AI team also plans to publish cybersecurity benchmarks and provide building blocks for developers to accelerate the creation of secure AI solutions.
To tackle vulnerabilities in AI supply chains, Cisco has introduced a set of AI Supply Chain Risk Management security controls. The new tools are designed to detect and block malicious AI model files, flag risky open-source licenses and enforce policies against the use of unauthorized AI models before they are deployed in production environments.
Finally, Cisco announced an expansion to its Industrial Threat Defense solutions to better secure operational technology environments. New integrations with Cisco Cyber Vision and Secure Firewall bring enhanced vulnerability management and automated network segmentation to industrial networks. The updates help unify information technology and operational technology visibility within the security operations center, giving organizations the ability to detect and mitigate threats across their entire digital footprint.
THANK YOU