Cisco, the global networking and cybersecurity technology company, has announced its intention to acquire WideField Security Inc, a move designed to bolster the agentic security operations centre (SOC) capabilities within its Splunk platform.
WideField’s technology will be integrated into Splunk to help normalise and correlate identity, session, and activity telemetry gathered from a broad range of sources, including Cisco Identity Intelligence. The integration will allow Splunk to build context across human activity, non-human identities, and AI agent behaviour, enabling security teams to assemble session-level signals for deeper investigative analysis.
The acquisition is a direct response to the security risks that have emerged from the widespread deployment of AI agents, autonomous workloads, and non-human identities operating at machine speed. According to the announcement, the core challenge extends beyond preventing unauthorised access: it also encompasses scenarios where authorised entities take unsafe actions in the wrong context, potentially causing significant damage before human teams can intervene.
Cisco has identified three interconnected challenges its agentic security strategy must address. The first is shielding agents from external manipulation by establishing clear operational guardrails. The second is ensuring that AI agents operating within enterprise environments are known, accountable, and restricted to only the access and actions required for their designated tasks. The third is building the capability to detect and respond to threats at machine speed and scale, limiting the operational and security impact of misaligned or compromised agents.
WideField Security provides complete visibility into the identity attack surface, spanning human, machine, and AI identities. Its platform delivers analytics and continuous monitoring designed to help organisations improve their identity posture and detect both external and insider threats across cloud, SaaS, and on-premises environments. The technology also enables deterministic data pipelines that correlate telemetry from endpoints, identity systems, networks, and cloud infrastructure in a format optimised for AI consumption.
The acquisition represents Cisco’s third cybersecurity-related deal in 2026, following the earlier announced acquisitions of Astrix Security and Galileo. Together, these moves are part of Cisco’s broader effort to deliver an integrated trust layer for the agentic AI era, spanning identity, runtime behaviour, visibility, and enforcement. Cisco has stated that WideField’s technology will also strengthen the Cisco Data Fabric beyond security operations, giving customers the broader context needed to operate AI safely and at scale.
Copyright © 2026 RegTech Analyst
Copyright © 2018 RegTech Analyst
