Cisco tightens link between observability and security

The company's observability platform now offers a way for IT decision-makers to understand the impact of security issues

Cisco has updated its full-stack observability platform with the latest version of Cisco Secure Application, designed to help IT departments secure development and deployment of cloud native applications

Cisco said the product connects business context with security findings, bringing together application performance data with security intelligence from Cisco’s existing security products. It also offers business risk observability, which Cisco said helps IT professionals locate, assess and prioritise risk and remediate application security issues based on potential business impact.

The latest release of Cisco Secure Application is being positioned as a tool to help customers to securely manage cloud-native applications in addition to hybrid applications. According to a recent Cisco study, 92% of global IT leaders admit that the rush to rapidly innovate and respond to the changing needs of customers has come at the expense of robust application security during software development.

This, said Cisco, means that organisations are at risk of IT vulnerabilities and threats, with larger attack surfaces and gaps in their application security layer caused by siloed teams both struggling to gain visibility and the right business context to prioritise vulnerabilities.

Mark Leary, research director at IDC, said: “The successful digital infrastructure must operate as a concert, not as a collection of separate products, providers and people. This requires all components – from core to edge, from network to applications, from on-premise systems to public cloud and communications services – to work as one to deliver the best digital experiences.” 

In a blog post discussing observability and security, Ronak Desai, senior vice-president and general manager, Cisco Full-Stack Observability and AppDynamics, discussed the need for organisations to have clear visibility of each new vulnerability and its insights to prioritise remediation based on their business impact.

In the blog, he quotes a Cisco survey, which reported that 93% of IT professionals believe that it is important to be able to contextualise security and correlate risk in relation to key areas such as the application, user and business, and in doing so, prioritise vulnerability fixes based on potential business impact.

He said: “An organisation’s ability to quickly assess risks based on potential business impact, align teams and triage threats is entirely dependent on understanding where vulnerabilities exist, the severity of those risks, the likelihood they will be exploited, and the risk to the business of each issue.”

The Cisco Full-Stack Observability Platform was launched at Cisco Live US in June 2023. It delivers what Cisco describes as “contextual, correlated, and predictive insights”. Cisco claims that the platform allows customers to resolve performance issues more quickly and optimise digital experiences, while minimising business risk.

Read more about observabillity

  • The Covid-19 pandemic has highlighted the flaws in the UK's digital government set-up. The appointment of new IT leadership presents an ideal opportunity for the government to fix them.
  • Enterprises and the vendors they buy from have begun to fundamentally rethink data management for observability, including a new startup with close ties to Cisco.

Read more on Application security and coding requirements

Data Center
Data Management