Cisco and JupiterOne on Monday announced a partnership to combine JupiterOne’s cyber asset context and query features with the eXtended detection and response (XDR) capabilities of Cisco’s SecureX platform.
The new joint product — Secure Cloud Insights with JupiterOne — looks to give Cisco security customers the blast radius for any attack surface of their cloud-native processes and applications. It aims to deliver not just the “what” but also the “so what” of any potentially malicious activity in a cloud environment.
“We now address a range of needs for security operations, including cyber asset inventory, configuration, and vulnerability assessment, policy and compliance reporting, and navigable relationship mapping,” said Erkang Zheng, founder and CEO of JupiterOne. “The new offering also supports teams with threat hunting and incident investigation, and automated response when integrated with the SecureX platform and run-time enforcement.”
Jon Oltsik, a senior principal analyst and Enterprise Strategy Group fellow, added that defenders have to first know which assets they are defending — usually endpoints, networks and applications — so by teaming up with JupiterOne, Cisco gains visibility into cloud-based asset posture.
“In this way, Cisco can identify vulnerable assets and give users guidance for remediation,” Oltsik said. “Also, when SecureX generates an alert, analysts can now investigate root cause or assess the blast radius for on-premises and cloud-based assets, such as JupiterOne data. JupiterOne can help Cisco streamline security operations through direct integration with cloud security posture management, and Cisco already collects a lot of similar endpoint data through Device Insights. This understanding about asset details is crucial for streamlining and accelerating security operations.”
This announcement centers on the principles of XDR, said Frank Dickson, program vice president for security and trust at IDC. As digital transformation drives innovations, Dickson said, it also drives complexity as IT moves to hybrid and multi-cloud architectures leveraged by on-premises, remote and hybrid workers.
“XDR looks to address the security requirements created by this complexity by aggregating telemetry from multiple security and network tools, applying analytics, and illuminating maliciousness while eliminating misleading alerts,” Dickson explained. “Cisco SecureX integrates telemetry and intelligence across Cisco's security portfolio infrastructure offerings. The partnership integrates JupiterOne’s IaaS inventory and insights, relationship mapping, and security compliance reporting with SecureX to help clients get further down the path of realizing the promise of XDR.”