惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

月光博客
月光博客
Cyberwarzone
Cyberwarzone
L
LINUX DO - 最新话题
N
News and Events Feed by Topic
T
Troy Hunt's Blog
Help Net Security
Help Net Security
S
Security @ Cisco Blogs
Google DeepMind News
Google DeepMind News
Security Archives - TechRepublic
Security Archives - TechRepublic
M
MIT News - Artificial intelligence
G
Google Developers Blog
Cyber Security Advisories - MS-ISAC
Cyber Security Advisories - MS-ISAC
V2EX - 技术
V2EX - 技术
Y
Y Combinator Blog
D
Darknet – Hacking Tools, Hacker News & Cyber Security
大猫的无限游戏
大猫的无限游戏
OSCHINA 社区最新新闻
OSCHINA 社区最新新闻
Microsoft Security Blog
Microsoft Security Blog
Cisco Talos Blog
Cisco Talos Blog
T
Threatpost
Recent Commits to openclaw:main
Recent Commits to openclaw:main
S
SegmentFault 最新的问题
I
InfoQ
H
Hacker News: Front Page
D
Docker
Scott Helme
Scott Helme
Threat Intelligence Blog | Flashpoint
Threat Intelligence Blog | Flashpoint
Blog — PlanetScale
Blog — PlanetScale
人人都是产品经理
人人都是产品经理
博客园 - 叶小钗
freeCodeCamp Programming Tutorials: Python, JavaScript, Git & More
N
Netflix TechBlog - Medium
AWS News Blog
AWS News Blog
Know Your Adversary
Know Your Adversary
博客园 - 【当耐特】
T
Tor Project blog
U
Unit 42
H
Heimdal Security Blog
Microsoft Azure Blog
Microsoft Azure Blog
K
KPMG report finds enterprise disconnect between AI and its ROI | CIO
P
Privacy & Cybersecurity Law Blog
PCI Perspectives
PCI Perspectives
美团技术团队
O
OpenAI News
T
Tailwind CSS Blog
H
Hackread – Cybersecurity News, Data Breaches, AI and More
B
Blog
GbyAI
GbyAI
cs.CL updates on arXiv.org
cs.CL updates on arXiv.org
MyScale Blog
MyScale Blog

Security @ Cisco Blogs

We third-party tested our firewall built for AI-scale. The test tools hit their limit first. SharpHound Recon Attack - How AI enhanced the threat hunt Machine Speed, Human Judgement: How AI Changed the SOC in 2026 Elevating Expertise in the SOC Educate at Event Speed: Cisco Live Security Operations Center What Working the Cisco Live SOC Taught Me About AI, Detection, and Response Cable to Cloud - A Product Engineer's Journey Through the Cisco Live AMER 2026 SOC The Experience Dividend: How Better Digital Experience Protects Revenue, Trust, and Growth AIM: Building an Agentic Tier-2 SOC Analyst at Cisco Live AMER 2026 Building the Agentic SOC at Cisco Live Americas 2026 Ten Years in the SOC at RSAC: What We Learned in 2026 Uplevelling Black Hat Threat Hunters Making Workflow Runs Explain Themselves: AI-Powered Run Summaries in Cisco XDR Automate Independent Testing Confirms Secure Email Threat Defense’s Email Security Strength Defenseclaw for On-Prem AI SOC Workflow at Black Hat Asia Cisco Secure Access with MCP Infrastructure at Black Hat Asia 2026 The Essence of Black Hat – Collaboration with Partners Black Hat Asia 2026: A Decade in Singapore Black Hat Asia 2026: Threat Hunters’ Corner Unveiling the Power of Integration: XDR, Splunk, Corelight, Arista and Palo Alto Networks in Action at Black Hat Asia Security in the Post-Mythos Era Cisco SASE with Meraki: Get in the Fast Lane to SASE Extending Zero Trust Across the Agentic AI Workflow Strengthening the Foundation: A Predictable, Customer focused Response to AI-Accelerated Vulnerability Discovery Quantum Resilience Needs a Common Language. Here’s Where to Start. Security at Cisco Live: Going Shields Up for the Agentic Era Security Needs a New Operating Model Cisco Secure Access and Microsoft Purview Integration for Simplified Data Protection Cisco Secure Access and Island Browser Enable Zero Trust Everywhere Finding what lives between the alerts: Announcing Cisco Talos Threat Hunting From Log Flood to Threat Signal: Cisco and Splunk Bring Context to Modern Defense Cisco Secure Access and Microsoft Edge for Business Integration Why Network Segmentation Projects Fail: Four Patterns Cisco’s Risk-Based Vulnerability Disclosure in the Age of AI Enhancing Cisco Secure Email Gateway: Safer Clicks and Cleaner Files AI-generated reporting: Lessons learned from Cisco Talos Incident Response Inside the SOC: AI-powered DNS defense against ransomware Security Insights: A Threat-First View for the Platform That Enforces Access From Strategy to Architecture: How Cisco is Building a Quantum-Safe Future AI-Ready, Simpler, and More Secure WAN: Cisco SD-WAN Innovations Designing for What’s Next: Securing AI-Scale Infrastructure Without Compromise Preparing for Post-Quantum Cryptography: The Secure Firewall Roadmap Mobile World Congress 2026: AI-powered Network Security Powering MWC Barcelona – Building a Unified SOC and NOC with Splunk in Record Time AI-powered Network Security at the Mobile World Congress 2026 SNOC Inside the Mobile World Congress 2026 SOC: Detecting Shadow Traffic with Firepower 6100 Data Optimization in Security: A Splunk Architect’s Perspective Inside the Talos 2025 Year in Review: A discussion on what the data means for defenders Zero Trust for Agentic AI: Safeguarding your Digital Workforce The Agent Trust gap: What Our Research Reveals About Agentic AI Security Meet Your Incident Responders
Identity Elevated: A New Unified Identity Experience in Cisco Cloud Control
Matt Caulfield · 2026-06-02 · via Security @ Cisco Blogs

Imagine a network administrator is troubleshooting a device that suddenly can’t connect to the network. The credentials look valid, the policy appears correct, and the device was trusted yesterday, but access is blocked. At the same time, security teams need to know whether this is a posture issue, an identity risk signal, or suspicious behavior.

To understand the risk and restore the right level of access, team needs to answer several questions quickly:

  • Who or what is behind this access?
  • Is the device trusted?
  • What network and application access does it have?
  • Has this identity shown risky behavior before?
  • What changed since the last successful connection?
  • Should the team restore access, restrict access, or escalate the investigation?

In many organizations, answering those questions means pivoting across multiple tools and teams. Security teams see risks. Identity teams see authentication activity. Network teams see access policies. Each view is useful, but none tells the full story.

Identity Has Outgrown the User

Every modern organization is filling up with identities that are not people: A login is no longer just a person entering a password. It may be a device joining the network, an application calling an API, a workload connecting to another service, or an AI agent taking action on behalf of a user or process. Every one of these identities can access something valuable, and every one of those can introduce risk.

Yet most organizations still manage this expanded identity landscape through fragmented systems. So, when a device suddenly can’t connect to the network, teams are forced to reconstruct the story manually; identity state in one tool, device trust in another, network policy elsewhere, and application context in yet another view. That prolongs incident investigation, and that added delay matters. In identity security, the gap between detecting a signal and taking action is where risk grows.

Introducing Identity in Cisco Cloud Control

Identity in Cisco Cloud Control brings identity, device, network, application and agentic activity context together in a single, unified operational view. By unifying capabilities across Duo, Cisco Identity Intelligence (CII), Cisco Identity Services Engine (ISE), and supported vendor sources, Cisco enables teams to investigate, assess, and act on identity risk without switching tools or losing context.

Unlike traditional approaches that stitch various signals together after the fact, Identity in Cloud Control correlate’s identity, device, network and application activity in one place—so teams can move from detection to enforcement faster and with greater confidence.

What’s New

With the introduction of Identity in Cisco Cloud Control, customers gain new capabilities designed to simplify identity operations and make identity risk more actionable.

  • Unified identity visibility: A centralized workspace to view and monitor human and non-human identities across Cisco sources such as Duo, ISE, and CII, along with supported vendor sources such as identity providers, endpoint security tools, developer platforms and various AI-agent sources.
  • Enhanced Trust Level: Cisco Identity Intelligence Trust Level now incorporates ISE data, giving teams a broader context across identity, device, and network access risk.
  • Operational monitoring: A dashboard for monitoring distributed ISE Policy Administration Node (PAN) and Cisco Identity Intelligence integrations. This enables teams to now see integration status, related events, and data flow issues in one place so they can identify unhealthy nodes or broken integrations faster.
  • Identity context in AI Canvas: AI Canvas now uses identity context from Duo, ISE, CII and supported vendor sources to help teams investigate identity-related issues faster.
  • AI agent visibility: Identity context now extends to AI agents and other non-human identities, helping teams understand when automated actors, workloads, or applications are involved in access decisions. Agent discovery can now draw information from sources such as Open AI, DefenseClaw, Entra, Okta, Jamf, select Github copilot data and agent-workflow logs, Snowflake Cortex agent activity, AD Defense.

From Signals to Action

Let’s return to our original scenario.

With Identity in Cisco Cloud Control, the network administrator can immediately see the full picture instead of pivoting between tools: the identity involved, the device posture, recent behavior, network policy, and application access context—all in one place.

With Trust Level now incorporating network context, risk is not just visible—it is prioritized and actionable. And with AI Canvas, teams can follow guided investigation paths to accelerate response. From there, action is immediate and informed. The analyst can:

  • Trigger step-up authentication via Duo
  • Restrict network access through ISE
  • Revoke active sessions or isolate the device

The result is a closed loop: from identity signal to native enforcement across security and network domains.

Operationalizing Identity Across the Environment

Point solutions focus on slices of identity—users, devices, or authentication events. But modern environments require a complete view across all identity types, including users, devices, applications, workloads, AI agents, and machine identities.

Identity in Cisco Cloud Control provides a unified way to operationalize identity across your entire network.

For SecOps, IdentityOps, NetOps, CISOs, and IAM architects, this can help:

  • Shorten investigation and containment cycles by giving teams identity, device, application, security, and network context in a cohesive experience.
  • Reduce identity blind spots by extending visibility beyond users and devices, to applications, workloads, AI agents, and other non-human identities.
  • Improve enforcement decisions by using enhanced Trust Levels with ISE network access context and signals from vendor sources to guide downstream security and network policies.
  • Reduce operational overhead by centralizing identity monitoring, ISE deployment health, and CII integration status with Cisco solutions and vendor solutions in Cloud Control.
  • Accelerate responses with AgenticOps by helping teams move from identity risk signals to guided investigation and action faster.

A Shift to Identity-Driven Security

Identity can no longer be viewed in isolation.

With Identity in Cisco Cloud Control, Cisco is enabling organizations to move from fragmented visibility to identity-driven security—where every identity, human or non-human, is understood, monitored, and enforced as part of a unified system.

Because visibility alone is no longer enough. Security teams need the ability to turn identity signals into operational action across their environment.

Availability

Identity in Cisco Cloud Control is planned for alpha availability in June 2026, followed by beta and general availability planned for second half of the calendar year 2026.


We’d love to hear what you think! Ask a question and stay connected with Cisco Security on social media.

Cisco Security Social Media

LinkedIn
Facebook
Instagram