Cisco Unveils AI Security Innovations and New Partnerships at RSA Conference 2025
Cisco took the stage at the RSA Conference 2025 with a bold set of announcements aimed at reshaping how organizations secure AI and use it as a weapon against cyber threats. Against a backdrop of rising attack sophistication and a growing skills shortage, the company stressed that now more than ever, cybersecurity needs to operate at machine scale.
According to early insights from Cisco’s upcoming 2025 Cybersecurity Readiness Index, 86% of companies have faced AI-related security incidents in the past year. That stat alone sets the tone: businesses are not fully prepared for the risks AI introduces.
Jeetu Patel, Cisco’s EVP and Chief Product Officer, acknowledged that the security landscape has never been more volatile. He explained that with attackers now leveraging AI to design smarter exploits, security teams—often short on people—need AI capabilities themselves to keep up. Cisco’s push into AI-powered defense, he said, includes open-source models, new AI agents, and significant upgrades across its Security Cloud platform.
Also read: Cisco and NVIDIA Partner to Accelerate AI Adoption in Enterprises
Bringing AI Speed to Threat Detection
Cisco also spotlighted major improvements to its Extended Detection and Response (XDR) platform. Security teams, often overwhelmed by thousands of alerts daily, will now get help from agentic AI that filters out the noise and surfaces what really matters.
A standout addition is Instant Attack Verification. This tool pulls in data from multiple sources—including the Splunk platform—and uses AI to launch automated investigations, confirm threats, and trigger responses without waiting for human intervention. Alongside it, new XDR Forensics capabilities dig deeper into endpoint behavior, helping analysts get more accurate insights. Cisco also introduced the XDR Storyboard, a visual tool to map out complex attack paths in seconds.
Splunk also plays a big role. The newest versions of Splunk Enterprise Security (ES) and Splunk SOAR—now integrated more tightly with Cisco XDR—will give organizations the tools to identify threats faster and respond more effectively. ES 8.1 drops in June; SOAR 6.4 is already available.
Omar Zarabi, CEO of Port53, said Cisco XDR had already transformed their service delivery. He emphasized that new features like Instant Attack Verification and automated forensics will boost both clarity and speed, allowing them to improve outcomes for their clients.
IDC analyst Frank Dickson offered a more cautious take. He said Cisco’s combination of visualization, forensics, and automation presents a promising direction for SOCs, but added that the real test will be how well these tools integrate into existing systems in live environments.
Securing AI and Using AI to Secure
Cisco also shared progress on two fronts: keeping AI safe and using AI to enhance security tools. A new partnership with ServiceNow aims to help organizations manage AI risk at scale. Their first integration links Cisco AI Defense with ServiceNow’s SecOps suite, offering a more comprehensive risk governance approach.
Patel also introduced “Foundation AI,” a team of AI and cybersecurity experts Cisco brought in through its acquisition of Robust Intelligence. This group just released the first open-source reasoning model designed specifically for security. They’re also working on tools and benchmarks that will help other organizations evaluate AI security in real-world settings.
Another priority: securing the AI supply chain. Cisco is rolling out controls that can scan and block malicious AI models—even before deployment. These tools will detect harmful code, unsafe licenses, or suspicious origins, giving companies a way to move faster with fewer risks.
Strengthening Industrial Defenses
Cisco’s security reach now extends deeper into industrial settings. The company announced updates to its Industrial Threat Defense suite, including integrations with Splunk for better OT visibility and with Cisco Vulnerability Management to prioritize risks in operational technology environments.
By connecting Cisco Secure Firewall with industrial automation systems, the company wants to help protect critical infrastructure as AI becomes more embedded in factories, utilities, and transportation systems.
