Cisco Snaps Up Kenna Security for Vulnerability Management

Cisco is set to acquire privately held Kenna Security in a deal designed to expand its SecureX platform with vulnerability management capabilities.

Santa Clara-based Kenna Security provides risk-based vulnerability management capabilities alongside vulnerability intelligence to help organizations rapidly identify, prioritize and remediate cyber-risks.

Cisco claimed the technology is increasingly important to organizations as work-from-anywhere policies expand the attack surface and increase security complexity.

“Hybrid work is here to stay, and the increasing complexity of cybersecurity is our customers’ biggest challenge. We must radically simplify security to stay ahead of the evolving threat landscape,” said Jeetu Patel, senior vice president and general manager, Cisco Security and Collaboration.

“Our goal is to unify all critical control points into a single platform. With the addition of Kenna Security, we will fundamentally strengthen our platform experience by giving customers the ability to prioritize vulnerabilities based on a robust risk methodology that is tuned to their unique needs.”

Specifically, with the support of Kenna Security technology, SecureX will be able to help customers discover and prioritize assets, accelerate decision-making with vulnerability intelligence, proactively orchestrate patch management and virtual patching, and easily generate compliance reports, Cisco said.

The tools should also help IT and security teams collaborate closer to reduce risk for their organization.

Karim Toubba, CEO of Kenna Security, said the two firms had a unique opportunity to change the way organizations manage risk at scale.

“As malicious actors continue to evolve their methods, we need to make it easier than ever for customers to predict, detect, prioritize and respond to the security threats that matter,” he added.

“The breadth and scale of Cisco coupled with Kenna Security’s mastery of machine-learning and data science will reshape how the entire industry addresses cyber risk.”

The deal is expected to close in Cisco’s fourth quarter of fiscal 2021.

What’s Hot on Infosecurity Magazine?