SecurityBrief US - Technology news for CISOs & cybersecurity decision-makers
United States
Guides
#
cloud security
#
cybersecurity
#
endpoint protection
#
firewalls
#
ransomware
Search
Story image
#
MFA
#
Advanced Persistent Threat Protection
#
IAM

Cisco Duo launches identity service to tackle AI cyber threats

Yesterday
Author image
By Sean Mitchell, Publisher

Cisco Duo has announced a new Identity and Access Management (IAM) solution designed to address security challenges associated with modern AI-driven identity threats.

The new offering, Duo IAM, aims to provide comprehensive identity security by building on Cisco Duo's established multifactor authentication (MFA) platform. According to Cisco, identity-based attacks represented 60% of all Cisco Talos Incident Response cases in 2024, highlighting identity as a critical vulnerability. Traditional IAM systems are seen as having flaws that attackers can exploit, and Duo IAM is presented as a response to these persistent challenges.

Jeetu Patel, President and Chief Product Officer at Cisco, said: "The security industry is facing an 'identity crisis' as persistent identity-based attacks are among the most dangerous and costly challenges for security teams. Attackers don't need to hack in, when they can simply log in. While identity is the foundation of strong security, traditional IAM solutions have failed to prioritise security despite increasingly sophisticated threats. With this massive innovation, Duo is moving beyond MFA and restoring trust in identity security with a fundamentally different approach that attackers hate and users love."

Duo IAM introduces a new User Directory, developed to streamline the storage of user identities, including usernames, emails, and roles. This directory enables more straightforward management of access to resources. Combining the new capability with existing features such as MFA and Single Sign On (SSO), Duo IAM allows users simplified and secure entry to hundreds of applications via a single login page.

The solution is built to integrate with third-party identity systems, featuring a new Identity Routing Engine. This allows Duo IAM to function as either an identity broker or a secondary identity provider. Through these integrations, Cisco aims to make security a default aspect of identity management while also improving user experience and reducing management costs.

Cisco has also embedded its AI Assistant in Duo IAM, which is designed to assist organisations in deploying and managing the system efficiently from the outset.

Responding to the increasing complexity and scale of account takeover and social engineering threats driven by AI, Cisco Duo has updated its MFA offering with enhanced phishing-resistant capabilities. These include a complete passwordless authentication option, meaning users do not need to create or remember passwords. The release also introduces Proximity Verification, which uses Bluetooth Low Energy (BLE) to ensure that the user's mobile device and access device are physically near each other during the authentication process.

Session Theft Protection has also been enhanced. New features in Duo Passport reduce reliance on browser cookies during authentication, which is intended to protect against session theft and hijacking.

Duo IAM incorporates Cisco Identity Intelligence to provide unified monitoring and threat detection by connecting identity and access data across the Cisco Security Cloud platform. With the integration of AI-driven behavioural analytics, organisations are able to gain greater visibility into identity infrastructure, detect threats, and take measures such as quarantining identities, terminating sessions, or isolating networks where necessary.

Todd Perrault, Senior Vice President of Client Advisory at Optiv, commented: "Cisco Duo has been a trusted security partner when it comes to MFA, and in today's environment we're eager to use these new capabilities to fight growing identity-based attacks. Duo's expanding suite of identity and access management solutions will deliver even stronger results for our customers with a security-first approach to identity while providing reduced friction for end users."

Todd Thiemann, Principal Analyst at Enterprise Strategy Group, stated: "Identity breaches are no longer the exception—they're the rule. Seeing a trusted security brand like Duo broaden from access management to include identity management and provide a security-first approach in the market is both timely and refreshing. Duo's commitment to maximising security while minimising user and admin friction is exactly what the industry needs. In particular, their approach to end-to-end phishing resistance marks a major leap forward, not just in security, but also in ease of deployment, to combat the latest identity threats."

Follow us on:
Follow us on LinkedIn Follow us on X
Share on:
Share on LinkedIn Share on X
Related stories
Saviynt expands platform to secure all human & non-human identities
SentinelOne named a Customers' Choice in 2025 Gartner XDR report
Genetec enhances Cloudrunner with advanced ALPR mapping tools
AI agents spark new enterprise security fears, report shows
Lineaje survey reveals software supply chain security gaps
Top stories
Secureframe & Coalfire launch platform to speed CMMC process
Bitdefender unveils upgrades to partner & MSP programmes
Experts warn of surge in Google, Apple, Microsoft breaches
Most high-traffic email domains still vulnerable to phishing
Safari users at heightened risk from new fullscreen BitM attack