Unified Powerhouse: Cisco and Splunk Together
Posted: Tuesday, Dec 03
Karissa Breen, more commonly known as KB, is crowned a LinkedIn ‘Top Voice in Technology’, and widely recognised across the global cybersecurity industry. A serial entrepreneur, she is the co-founder of the TMFE Group, a portfolio of cybersecurity-focused businesses spanning an industry-leading media platform, a specialist marketing agency, a content production studio, and the executive headhunting firm, MercSec. Now based in the United States, KB oversees US editorial operations and leads the expansion of the group’s media footprint across North America, while maintaining a strong presence in Australia, and the broader global market. She is the former Producer and Host of the streaming show 2Fa.tv, and currently sits at the helm of journalism for the group’s flagship arm, KBI.Media, the independent cybersecurity media company. As a cybersecurity investigative journalist, KB hosts her globally-renowned podcast, KBKast, where she interviews leading cybersecurity practitioners, CISOs, government officials including heads-of-state, and industry pioneers from around the world. The podcast has been downloaded in over 65 countries with more than 400,000 global downloads, influencing billions of dollars in cybersecurity budgets. KB is known for asking the hard questions and extracting real, commercially relevant insights. Her approach provides an uncoloured, strategic lens on the evolving cybersecurity landscape, demystifying complex security issues and translating them into practical intelligence for executives navigating risk, regulation, and rapid technological change.


Tom Casey, Senior Vice President, Products & Technology at Splunk, recently presented at Cisco Live in Melbourne on the critical intersection of digital resilience, network assurance, and cloud observability during his keynote on the main stage.

Highlighting Cisco’s integration with Splunk, Casey laid out a comprehensive vision for the future of digital experience assurance and security solutions.

“When we design products from the beginning to be integrated, we can solve problems in ways that few, if any, other vendors can,” Casey outlined.

A focal point for Casey was the importance of digital resilience, which he described as fundamentally a data problem.

“Digital resilience is about protecting and optimising the experiences of users and employees,” Casey explained.

This involves providing assurance at the network layer, ensuring a superior digital experience, and offering deep observability across various operational environments, both cloud and on-premise.

ThousandEyes, a key component of Cisco’s network assurance toolkit, offers real-time insights into network performance issues such as latency and error rates, and can even detect unintended configuration changes.

“It uses AI models and data correlation to pinpoint necessary changes or holdbacks,” Casey noted, reinforcing the tool’s role in identifying and resolving network issues promptly.

The ever-changing and complex nature of IT environments means thorough observability is required. This includes monitoring both first-party and third-party applications, managing Kubernetes clusters, and overseeing cloud-native applications.

Cisco’s portfolio, bolstered by Splunk’s cross-correlation capabilities over vast data volumes, provides a differentiated, end-to-end observability solution tailored to varied operational environments.

Cisco and Splunk have made strides in integrating their security frameworks, particularly with the introduction of the Extended Detection and Response (XDR) solution. XDR’s capacity to detect and act on real-time network anomalies by analysing patterns from myriad data points is reinforced by Splunk’s advanced analytics.

“XDR as a standalone solution is immensely useful,” Casey added, highlighting its suitability for less sophisticated security operations centres (SOCs).

Casey also covered the general availability of Splunk Enterprise Security 8.0, which includes new features such as an enhanced mission control experience, automated noise reduction, and AI-powered incident reports.

“This is a game-changer,” he declared, as he detailed the suite’s capabilities in improving security posture and incident response efficiency.

Casey revealed ongoing efforts to update technical adapters and connectors for Cisco devices to enhance signal richness within Splunk, as well as initiatives to filter and manage data more effectively.

“We really want to get the highest fidelity, most valuable signal at every layer of the security in this environment,” he added.
