Cisco elevates the SOC with agentic AI for faster threat response and reduced complexity

Splunk Enterprise Security Premier Edition and Essentials Edition advance unified threat detection and response

Cisco has introduced two new editions of Splunk Enterprise Security, Essentials and Premier, designed to strengthen security operations through agentic AI.

Delivered as part of Splunk Enterprise Security 8.2, one of the market’s leading SIEM solutions, the new offerings unify workflows across detection, investigation, and response, while streamlining operations for faster and more effective outcomes. Alongside these editions, Cisco also announced upcoming AI features intended to build the “agentic SOC” of the future, enabling analysts to dedicate more time to strategy while AI manages routine tasks.

By placing agentic AI at the center of its SOC architecture, Cisco and Splunk aim to transform how organizations address cyberthreats. Splunk’s integrated environment combines automation and orchestration with intelligence that reduces manual workloads, cuts down investigation times, and eliminates tool fragmentation. According to Mike Horn, SVP and GM for Splunk Security, the approach brings efficiency and agility at a time when adversaries are already leveraging AI to outpace defenses.

The Premier Edition combines Splunk Enterprise Security with Splunk SOAR, Splunk UEBA, and Splunk AI Assistant into a single environment, while the Essentials Edition brings together Enterprise Security and the AI Assistant in Security. Both are designed to give organizations a unified experience, reducing operational silos and improving visibility across environments. Industry experts note that integrated solutions of this type are critical to moving security operations from reactive to proactive, helping organizations streamline workflows and reduce risk.

Cisco is also preparing to expand Splunk’s AI capabilities with new agents and tools. These include triage agents that prioritize alerts, malware analysis features that reverse-engineer malicious scripts, AI-powered playbook authoring that turns natural language instructions into automated workflows, and enhanced detection libraries that allow customizations aligned with each SOC’s environment. Integrations with Cisco’s broader security ecosystem will provide even more visibility, including runtime protection with eBPF and federated analytics for firewall data stored in Amazon S3.

The Essentials Edition is now generally available worldwide, while the Premier Edition is being rolled out under early access. The Splunk AI Assistant in Security is also available globally, and additional AI-driven enhancements and Cisco integrations will be released in 2026. Cisco emphasizes that these innovations are part of a larger roadmap to ensure SOCs evolve into proactive, AI-powered environments capable of addressing increasingly sophisticated cyberthreats.