Cisco continues to bulk-up its security portfolio, this week closing the deal on risk-based management company Kenna Security for an undisclosed amount.
Kenna’s Risk-Based Vulnerability Management system collects and analyzes security data to provide security teams with information about threats so they can prioritize remediation and better understand risks.
The technology will become part of Cisco’s SecureX service that integrates numerous security components. Cisco says the service is an open, cloud-native system to detect and remediate threats across Cisco and third-party products from a single interface. The SecureX dashboard shows operational metrics, triggers alerts to emerging threats, and accelerates threat investigations and incident management by aggregating and correlating global intelligence and local context in one view.
In addition, SecureX offers more than 30 pre-built security workflows, 40 turnkey integrations, and orchestration capabilities that can automate and orchestrate security management across enterprise cloud, network, applications, and endpoints, according to Cisco.
“Using data science and real-world threat intelligence, Kenna has a proven ability to bring data in from a multi-vendor environment and provide a comprehensive view of IT vulnerability risk,” wrote Gee Rittenhouse senior vice president and general manager of Cisco’s Security Business Group in a blog about the acquisition.
With Kenna Security part of Secure X, Cisco can bridge its threat-management with Kenna’s risk-based vulnerability management to strengthen Cisco’s overall platform, he says. “Additionally, the combination of Kenna Security and SecureX will allow customers to address critical challenges by generating prioritized lists of vulnerabilities; streamlining collaboration between security and IT teams; and automating remediation to improve their overall security posture,” Rittenhouse stated.
Cisco has made several security acquisitions in the past couple of years including Banzai Cloud which helps customers monitor application development, deployment, runtime and security workflows; Portshift for application security; and Duo for access security and multi-factor authentication.