The latest addition to Cisco’s acquisition streak is WideField Security, a startup that specializes in identity visibility.
Cisco says the technology will become part of Splunk, helping security teams connect activity back to the identities and sessions behind it.
Why Cisco is focused on identity security
The challenge is a little different from traditional security problems. AI agents often aren’t breaking into systems. They’re being invited in. What happens next is where things get more complicated (cue ominous music).
“Beyond unauthorized access, the challenge also includes authorized entities taking unsafe actions in the wrong context, which can cause significant damage before any human team has a chance to respond,” said Kamal Hath, senior vice president and Splunk general manager, Cisco.
“Enterprises just weren’t prepared for the security problem that the rise of agentic AI created.”
That’s where Cisco sees a gap. Logging in is one thing – understanding what happened afterward, especially when AI agents are making decisions and taking actions on their own, is becoming a much bigger part of the security conversation.
Bringing more context into Splunk
WideField is focused on connecting identity and session data that often lives in separate places. Cisco says bringing that information together in Splunk will give analysts a fuller picture of the surrounding context when they’re trying to determine whether activity is legitimate or potentially malicious.
Hathi also pointed to the data challenges involved in securing AI-driven environments.
“…it is imperative to have deterministic data pipelines that correlate telemetry from endpoints, identity systems, networks, and cloud in a format optimized for AI consumption.”
The company said WideField’s technology will also bolster Cisco’s Data Fabric by adding deeper identity and session intelligence across security workflows.
Another step in a broader strategy
WideField is Cisco’s third AI-related security acquisition in recent months, following Galileo Technologies and Astrix Security.
None of these acquisitions solves exactly the same problem, but they keep circling around the same set of questions. How do you see what AI systems are doing? How do you verify those actions? And how do you investigate issues when something goes haywire?
Cisco spent a fair amount of time on those topics at Cisco Live this month. Visibility, identity, governance, and observability recurred throughout the event.
The technology is advancing quickly. Keeping track of what AI systems are doing after they’re deployed is proving much less straightforward.
Cato Networks recently acquired Aim Security to strengthen its capabilities in securing AI agents and applications. It’s another sign that vendors are spending as much time thinking about AI governance and security as they do on the technology itself.