Cisco to Acquire WideField Security to Boost Splunk’s Agentic SOC
Summary
Cisco has announced its intent to acquire WideField Security, a company that focuses on enhancing security investigation capabilities within Security Orchestration, Automation, and Response (SOAR) platforms. This acquisition aims to bolster Splunk's "Agentic SOC" by integrating WideField's technology to provide broader visibility into threats, including identity, credentials, and session information.
IFF Assessment
This acquisition by Cisco, which integrates WideField's threat investigation capabilities into Splunk's SOC offerings, is beneficial for defenders by providing more comprehensive tools and insights for identifying and mitigating security threats.
Defender Context
The acquisition of WideField Security by Cisco, aimed at enhancing Splunk's Agentic SOC, suggests a trend towards more integrated and comprehensive threat investigation tools. Defenders should be aware of these evolving capabilities that offer deeper insights into attack vectors like identity and session hijacking, enabling faster and more effective incident response.