























We are excited to announce our intent to acquire WideField Security Inc. WideField will boost the capabilities of Splunk’s Agentic SOC, by extending machine-speed autonomous responses with identity and session intelligence for human, non-human, and AI-agent activity. To ensure trust, this is evidence-backed and policy-aware.
The rapid deployment of AI agents, autonomous workloads, and non-human identities – all operating at machine speed – introduced a new class of security risk. Beyond unauthorized access, the challenge also includes authorized entities taking unsafe actions in the wrong context, which can cause significant damage before any human team has a chance to respond. Enterprises just weren’t prepared for the security problem that the rise of agentic AI created.
Addressing this requires a new approach to security that can detect suspicious behavior even from authenticated users and approved AI agents. It calls for three interconnected challenges to be tackled:
Identity, in today’s agentic AI era, is not just focused on who logged in but who, or what, took action and under which authority, which session, and with what blast radius. Identity is now foundational to how organizations govern, secure, and respond to human activity and non-human, such as AI agents, service accounts, workloads, automation identities, etc. Detections must translate into evidence-based decisions that help security teams triage faster, investigate with confidence and respond safely, with human approval where required.
WideField turns identity telemetry into verified session evidence that AI-driven security workflows can safely reason over. For Agentic Security Operations that enable autonomous responses, it is imperative to have deterministic data pipelines that correlate telemetry from endpoints, identity systems, networks, and cloud in a format optimized for AI consumption. WideField sessionizes identity signals, which provides the session-level signals necessary for deeper analysis in Splunk’s Agentic SOC, allowing the SOC agents to infer whether an action belongs to a legitimate active session or a potentially malicious one.
WideField’s capabilities strengthen the Cisco Data Fabric by incorporating deep identity and session intelligence, giving customers the context they need to operate AI safely and at scale. This evidence can become a first-class signal for Spunk’s Agentic SOC, Cisco Cloud Control, and future AI governance workflows. Together with WideField we will expand the lens of threat investigation and response to include these critical factors, resulting in enhancements to Splunk’s Agentic SOC capabilities with greater precision and control.
With the acquisition of WideField, Cisco’s Splunk business is continuing to invest in developing and delivering differentiated, enterprise-grade agent and agentic security solutions that address the real-world challenges facing today’s organizations. Building on the recent additions of Astrix Security and Galileo, WideField reinforces Cisco’s commitment to delivering an integrated trust layer for the agentic AI era — one that spans identity, runtime behavior, visibility, and enforcement — distinguishing Cisco as a trusted partner for enterprises seeking to operationalize AI with confidence and control.
此内容由惯性聚合(RSS阅读器)自动聚合整理,仅供阅读参考。 原文来自 — 版权归原作者所有。