Cisco’s new identity and access management solution strengthens protection against advanced attacks with passwordless authentication and complete resistance to phishing.
Cisco has unveiled Duo Identity and Access Management (IAM), a next-generation solution designed to combat the growing identity-based attacks proliferating in the era of artificial intelligence. With this offering, Cisco takes a step beyond multifactor authentication (MFA), proposing a comprehensive and security-focused approach without sacrificing user experience.
According to Cisco Talos, 60% of cybersecurity incidents in 2024 were related to compromised identities, confirming that identity theft is now one of the primary attack vectors.
“Attackers no longer need to hack; they just need to log in,” said Jeetu Patel, president and chief product officer of Cisco.
More than MFA: comprehensive identity management with a Zero Trust approach
The new Duo IAM platform is built on an open, scalable, and secure architecture. It includes a new User Directory that simplifies identity, role, and permission management and integrates advanced capabilities such as:
- Single Sign-On (SSO) for secure access to hundreds of applications from a single point.
- Compatibility with external identity providers through its identity routing engine.
- Integration with Cisco Identity Intelligence, offering visibility, behavioral analysis, and automated threat response capabilities.
This is complemented by Cisco’s AI assistant, which facilitates the implementation, configuration, and maintenance of Duo IAM from the start.
Passwordless authentication and total phishing resistance
In response to the rise of automated phishing using AI and advanced social engineering, Cisco has introduced features that enhance protection without relying on costly physical keys:
- Complete passwordless authentication, eliminating the need to remember credentials.
- Proximity verification via Bluetooth (BLE), ensuring that the mobile device is near the access equipment.
- Protection against session theft, removing dependence on browser cookies.
These features enable organizations to reduce their attack surface while maintaining a seamless user experience.
Unified intelligence to combat identity threats
One of the major challenges of identity management is data dispersion. Duo IAM connects and correlates information about access, behavior, and devices across the Cisco Security Cloud platform. This allows for real-time progressive actions such as:
- Quarantining suspicious identities.
- Terminating compromised active sessions.
- Isolating devices on the network.
With this proactive, AI-driven approach, Cisco responds to new forms of threats without creating unnecessary friction for users and administrators.
Industry Feedback
From the security integrator Optiv, Todd Perrault has positively assessed the announcement:
“Duo has been a benchmark in MFA, and now with IAM, it makes a qualitative leap that will help our clients face identity-based attacks.”
Meanwhile, Todd Thiemann, an analyst at Enterprise Strategy Group, believes:
“The expansion of Duo into security-focused identity management is timely and necessary. Its phishing resistance is a key advancement in both security and usability.”
Conclusion
In an environment where identities are the new security perimeter, Cisco Duo IAM redefines protection from the ground up, integrating advanced authentication, access management, behavioral analysis, and real-time protection—all with an open architecture that avoids hardware dependencies and facilitates integration with existing environments.
Source: Cisco