Cisco’s zero-trust IAM awarded AAA rating for digital identity protection

Cisco has received the highest rating for identity protection from cybersecurity testing lab SE Labs for its Universal Zero Trust Network Access (UZTNA) solution.

UZTNA is a combination of products developed by Cisco that offers zero trust authentication, a security framework where no user or device is trusted by default, requiring strict identity verification and continuous authorization for every access. The technology is especially valuable in situations such as remote work, where employees may use different devices.

Cisco’s UZTNA includes the company’s zero-trust security identity and access management (IAM) platform, Duo, Cisco Secure Access, which provides secure access to the internet, cloud services, and private applications, and Cisco Identity Intelligence (CII), which increases visibility into identities and their logins and flags threats.

SE Labs has awarded the UZTNA with an AAA rating for “Advanced Security IAM Protection,” after performing a series of tests in a real network environment. The solution achieved 100 percent detection and 100 percent protection against cyber threats, identifying and blocking every attempt to compromise security defenses, Cisco says in a release.

The testing involved targeting a Microsoft 365 deployment with privileged and non-privileged accounts.

“Identity is a primary attack surface in modern enterprise environments, especially with cloud-based platforms like Microsoft 365,” says  Simon Edwards, SE Labs founder and CEO. “It is crucial to assess how well defenses handle threats that are subtle, persistent, and increasingly effective.”

Its security experts mimicked attacks from well-known hacker groups such as Scattered Spider, APT29, and APT28. This included 30 attacks, including attempts to gain access by using stolen valid, but compromised, usernames and passwords, bypassing multi-factor authentication (MFA) by causing MFA fatigue and credential stuffing as well as hijacking active user sessions without needing credentials of MFA.

“Zero Trust Network Access is key to protecting organizations today, and we’re delighted that our first-of-its-kind Universal ZTNA from Cisco has been awarded the top accolade from SE Labs,” says Raj Chopra, senior vice president and chief product officer at Cisco Security.

Cisco Duo has been warning that traditional authentication methods are failing and that MFA coverage is still vastly incomplete, allowing attackers to easily circumvent weaker forms of authentication. Last year, the company introduced a hardware-independent roaming MFA tool with digital privacy firm Badge Inc.

Article Topics

certification  |  Cisco  |  cybersecurity  |  digital identity  |  Duo Security  |  identity access management (IAM)  |  zero trust