Cisco launches SecureX platform for integrated security

SAN FRANCISCO -- Nearly a decade after first introducing its SecureX framework, Cisco has expanded the strategy with a full-fledged platform for its integrated security products.

At RSA Conference 2020 Monday, the networking giant unveiled the Cisco SecureX platform, which aims to connect integrated Cisco security products along with customers' infrastructure for a unified experience. Cisco first introduced the SecureX framework at RSA Conference 2011; the network-centric security framework was designed to integrate Cisco products to streamline policy enforcement and provide enterprises with contextual awareness regarding devices, users and potential threats.

The Cisco SecureX platform builds on that strategy by giving enterprises a central point that connects to the vendor's integrated security portfolio and the customers' environments. Jeff Reed, senior vice president of Cisco's Security Business Group, said the cloud-native platform offer several core capabilities.

"First, it enables visibility across the breadth of our security products from a single place," he said. "Second, we're able to automate remediation, such as blocking suspicious IP addresses, hashes or domains."

In addition, Cisco SecureX provides a new feature the vendors described as "managed threat hunting," courtesy of Cisco Talos' team of threat analysts.  "This is essentially our Talos researchers being able to do managed threat hunting within the customers' environments, where they're looking for new campaigns and IOCs [indicators of compromise] and bringing the intelligence back to the customers," Reed said.

While the SecureX platform is an expansion of the previous framework strategy, Reed said Cisco Threat Response, a tool for security operations center analysts, was one of the key "bricks of the foundation" for the platform. A primary goal of SecureX, Reed said, is to give enterprise security professionals a better way to view, react and respond to both alerts and full-blown incidents.

"We're trying to help simplify the experience, reduce the amount of errors and make it easier for multiple individuals to work on a single issue and provide better visibility, faster time to remediation and more efficient utilization of resources," he said.

The SecureX platform will be included with every Cisco security product license at no additional cost.

In addition to Cisco's own product portfolio, the SecureX platform will be able to integrate with third-party products and services. "Part of the automation capability set for SecureX is out-of-the box integrations with systems like ServiceNow, for example," Reed said.

He added that Cisco is currently working with other partners to bring third-party products to the platform, which the company plans to announce when SecureX officially launches at the Cisco Live conference in June.

Jon Oltsik, senior principal analyst at Enterprise Strategy Group, said Cisco is making good on its strategy to integrate its product portfolio.

"In 2011, it was more of a vision, but Cisco had a lot to do just to integrate Cisco and Sourcefire products.  This is much further advanced with a common interface, cloud backend, etc.," Oltsik said via email. "This is the direction the industry has to go. The entire cybersecurity technology infrastructure must be tightly integrated to share data and intelligence, alerts, analytics and action. SecureX is the first step toward this end, and Cisco has an aggressive roadmap behind its initial release."