- Intent to acquire Kenna Security a market leader in risk-based vulnerability management, to advance Cisco’s commitment to radically simplify security and help customers improve their security posture
- Kenna Security uses machine learning (ML) and data science to track and predict real-world exploitations, empowering security teams to manage the ever-evolving threat landscape
- Combining the Cisco SecureX platform’s industry leading threat intelligence with Kenna Security’s vulnerability management capabilities will help customers find threats faster, improve collaboration between security and IT teams and ultimately reduce the attack surface
SAN JOSE, Calif., May 14, 2021 — Cisco today announced its intent to acquire Kenna Security, Inc., a privately held cybersecurity company headquartered in Santa Clara, Calif. Kenna’s risk-based vulnerability management technology enables organizations to work cross-functionally to rapidly identify, prioritize and remediate cyber risks. With this acquisition, Cisco will transform the way security and IT teams collaborate to reduce the attack surface and the time it takes to detect and respond.
The ability to prioritize vulnerabilities based on threat intelligence and business impact has never been more important. The world and the way we work is dynamic, and organizations are struggling to stay secure. As we shift to a work-from-anywhere model, employees are connecting to the network with company-owned and personal devices and are increasingly reliant on cloud technologies to stay productive. These trends have significantly expanded the attack surface and increased the complexity of security. There are too many point products producing too many alerts, and the lack of resources and prioritization makes it unmanageable for security and IT teams.
With Kenna’s technology, Cisco Security will be combining threat and risk-based vulnerability management as part of the SecureX platform, expanding the platform experience and enabling comprehensive scorecards for security controls and threat response performance. This integration will help customers prioritize vulnerabilities; speed and automate decision making with tailored information; and accelerate response time for cyber readiness.
“Hybrid work is here to stay, and the increasing complexity of cybersecurity is our customers’ biggest challenge. We must radically simplify security to stay ahead of the evolving threat landscape,” said Jeetu Patel, senior vice president and general manager, Cisco Security and Collaboration. “Our goal is to unify all critical control points into a single platform. With the addition of Kenna Security, we will fundamentally strengthen our platform experience by giving customers the ability to prioritize vulnerabilities based on a robust risk methodology that is tuned to their unique needs.”
The acquisition of Kenna Security with Cisco’s SecureX platform will help customers:
- Discover and prioritize their organization’s assets with a centralized, contextual view
- Speed decision making with prioritization of vulnerability data based on threat intelligence and asset business value
- Accelerate and simplify response with orchestration to proactively perform patch management or deploy virtual patching
- Reduce friction associated with compliance efforts with a simple and easy way to generate compliance reports
- Enhance collaboration between security and IT teams to effectively deal with vulnerabilities to reduce risk for businesses
“Cisco is on a mission to reshape the way we think about security, and together we have a unique opportunity to fundamentally transform how organizations effectively manage risk at scale,” said Karim Toubba, CEO of Kenna Security. “As malicious actors continue to evolve their methods, we need to make it easier than ever for customers to predict, detect, prioritize and respond to the security threats that matter. The breadth and scale of Cisco coupled with Kenna Security’s mastery of machine-learning and data science will reshape how the entire industry addresses cyber risk.”
Kenna’s technology integrates with all major industry vulnerability assessment platforms.
The acquisition is expected to close in Cisco’s fourth quarter of fiscal 2021.
Cisco (NASDAQ: CSCO) is the worldwide leader in technology that powers the Internet. Cisco inspires new possibilities by reimagining your applications, securing your enterprise, transforming your infrastructure, and empowering your teams for a global and inclusive future. Discover more on The Network and follow us on Twitter.
Cisco and the Cisco logo are trademarks or registered trademarks of Cisco and/or its affiliates in the U.S. and other countries. A listing of Cisco's trademarks can be found at www.cisco.com/go/trademarks. Third-party trademarks mentioned are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company.
This press release may be deemed to contain forward-looking statements, which are subject to the safe harbor provisions of the Private Securities Litigation Reform Act of 1995, including statements regarding delivering industry leading vulnerability management, the acquisition transforming the way security and IT teams collaborate, strengthening Cisco’s platform experience, and the expected benefits to Cisco and its customers from completing the acquisition. Readers are cautioned that these forward-looking statements are only predictions and may differ materially from actual future events or results due a variety of factors, including, among other things, that conditions to the closing of the transaction may not be satisfied, the potential impact on the business of Kenna Security due to the uncertainty about the acquisition, the retention of employees of Kenna Security and the ability of Cisco to successfully integrate Kenna Security and to achieve expected benefits, business and economic conditions and growth trends in the networking industry, customer markets and various geographic regions, global economic conditions and uncertainties in the geopolitical environment and other risk factors set forth in Cisco's most recent reports on Form 10-K and Form 10-Q. Any forward-looking statements in this release are based on limited information currently available to Cisco, which is subject to change, and Cisco will not necessarily update the information.