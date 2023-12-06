Cisco has unveiled its natural language-based AI Assistant for Security aimed at helping enterprise customers better assess security situations, eliminate configuration errors and automate complex tasks.\n\nThe Cisco AI Assistant for Security will first be implemented as part of the vendor\u2019s cloud-based Firewall Management Center and Cisco Defense Orchestrator services. Cisco's Firewall Management Center is a centralized platform for configuring, monitoring, troubleshooting and controlling Cisco Firepower Next-Generation Firewalls. The orchestrator platform lets customers centrally manage, control and automate security policies across multiple cloud-native security systems.\n\nAmong the goals of the AI Assistant are to reduce the time it takes for customers to respond to potential threats and simplify the entire security process.\n\n\u201cUsing natural language, an administrator can iterate with the AI Assistant to do things like discover and identify all the policies that control access to an application, define a new policy or rule for the administrator, and implement the policy,\u201d said Jeetu Patel, executive vice president and general manager of security and collaboration at Cisco, in a blog about the news.\n\n\u201cThe AI Assistant can also identify duplicate or misconfigured security policies from amongst thousands of existing policies and make recommendations for resolving them. To me, this is mind-blowing, because this is a level of intelligence that just isn\u2019t possible without AI,\u201d Patel stated.\n\nIn addition, Patel said the security assistant will let customers describe and contextualize events across email, the web, endpoints, and the network to tell security operation center analysts exactly what happened, the impact, and best next steps to take to remediate problems and set new policies.\n\nCisco first talked about the security assistant at its Live event in June, saying an AI-based assistant will provide easy-to-use situation analysis for network and security teams, correlating intelligence across the Cisco Security Cloud and relaying potential impacts; going forward, customers \u201cwon\u2019t need to have a Ph.D. to manage a firewall policy,\u201d Cisco stated.\n\nIn addition to the Assistant, Cisco added a new security feature across its firewall family that lets security teams see into traffic to look for malware without having to decrypt it first. \n\n\u201cDecrypting traffic for inspection is resource-intensive and fraught with operational, privacy, and compliance issues,\u201d Patel stated. With the 7.4.1 Operating System, which is now available, the system can analyze encrypted traffic to identify indicators of malicious behavior that humans can\u2019t, and it does so without decrypting, Patel stated.\n\n\u201cFor instance, an insulin pump that\u2019s running certain operating systems cannot run an end-point client. If it gets attacked by malware that communicates with the outside world via encrypted traffic, you can lose control of the insulin pump,\u201d Patel wrote. \u201cWith Encrypted Visibility Engine, you can now block this at the firewall.\u201d