2 min

The US tech giant will round out its product offering with a “holistic solution” that provides end-to-end cloud security posture management (CSPM) across cloud-native resources.

This week Cisco announced that it is acquiring Lightspin Technologies, a Tel Aviv-based start-up that helps enterprises find and understand vulnerabilities in their cloud infrastructure.

Cisco plans to integrate Lightspin into its Emerging Technologies and Incubation (ET&I) business unit. Vijoy Pandey, Cisco’s Senior Vice President of Engineering for ET&I, detailed his unit’s acquisition of Lightspin in a blog post. “In today’s security climate, where the risk management needs of organizations can evolve overnight, it is vital that Cisco’s cloud security investments reflect the growing needs of its customers,” he wrote.

“The Lightspin team has extensive technical expertise in cloud security, product development, and SaaS security products,” Pandey says. “The team’s experience supporting DevOps and DevSecOps with context and tooling will accelerate our ability to deliver the solutions and support needed to prioritize and remediate vulnerabilities across cloud applications and environments,” he claims.

Adding “end-to-end security and observability”

Lightspin provides “contextualized cloud-security coverage”, using graph-based technology to deliver key context, prioritization, and remediation recommendations, Pandey explains. “Cisco and Lightspin are aligned with a common goal to help customers modernize their cloud environments with end-to-end security and observability from build to runtime”, he adds.

Lightspin describes its platform as taking an “holistic approach” to security. The company’s “Contextual Cloud Security” offering can automatically scan cloud environments for insecure configuration settings, vulnerable code and other risks. The Lightspin platform then lists the issues it finds in a centralized dashboard and prioritizes them based on severity. 

In addition to its vulnerability detection and reporting features, Lightspin provides tools for detecting malware. It spots malicious programs using Amazon’s GuardDuty threat detection service and Falco, an open-source tool for spotting breach indicators, according to Silicon Angle.

“Companies need total confidence that their most sensitive data are protected from security risks and unauthorized access”, Pandey writes. “Cisco and Lightspin have a shared commitment to helping their customers secure their critical data, applications, and infrastructure across all environments”.

Also read: Cisco builds integrated and open security platform; what does that mean?