Cisco (NASDAQ: CSCO), the leader in security and networking, today unveiled Duo Identity and Access Management (IAM), a new security solution that transforms how organizations combat persistent identity-based attacks that are accelerating in the AI era. Identity is a prime target for bad actors, accounting for 60% of Cisco Talos Incident Response cases in 2024, because current solutions have critical weaknesses that attackers exploit. Duo IAM offers an innovative and security-first approach, with added protection built on its globally trusted multifactor authentication (MFA). Duo IAM is the latest advancement in Cisco’s long-standing commitment to user-friendly Zero Trust security.
Security-First Identity and Access Management
According to Cisco’s 2025 Cybersecurity Readiness Index, nearly a third of companies worldwide rank identity as their top cybersecurity challenge, but traditional IAM solutions often treat security as optional rather than foundational. Purpose-built to protect against modern identity threats, Duo IAM enables organizations to securely manage their entire identity infrastructure.
Duo includes a new User Directory to simplify storing user identities – including usernames, emails, and roles – and managing their access to resources. Paired with its existing capabilities including MFA and Single Sign On (SSO) to provide users with simple, easy and secure access to hundreds of applications from one login page, Duo now offers customers a comprehensive IAM solution.
Open and flexible, Duo IAM also integrates effortlessly with existing third-party identity systems. The new Identity Routing Engine allows Duo to integrate with many identity providers either as an identity broker or as a secondary identity provider. Incorporating security by default, Duo IAM frustrates attackers, while improving user experience and management costs. The Cisco AI Assistant is embedded in Duo to help organizations easily deploy and manage the new solution out-of-the-box.
End-to-End Phishing-Resistance
AI has accelerated the scale and complexity of account takeover through automated agentic social engineering. In response to rising threats, globally trusted Duo MFA now delivers the strongest form of authentication, without sacrificing convenience or purchasing expensive hardware keys. Recent innovations strengthening end-to-end phishing resistance include:
• Complete Passwordless: New option ensures a secure authentication experience without users ever having to use or remember a password.
• Proximity Verification: This capability uses Bluetooth Low Energy (BLE) to ensure a user’s mobile and access devices are near each other when authenticating.
• Session Theft Protection: New enhancements to Duo Passport remove the reliance on browser cookies from authentication, protecting against session theft and hijacking.
Unified Identity Intelligence
Identity infrastructure is complex and often disconnected, creating blind spots where attacks and vulnerabilities go unnoticed. To help organizations continuously monitor and respond to changes in identity risk, Duo IAM integrates with Cisco Identity Intelligence, connecting identity and access data across the Cisco Security Cloud platform. With AI-driven behavioral analytics and Cisco's unmatched reach into the network, organizations gain comprehensive visibility, threat detection, and the ability to take graduated responses like quarantining an identity, killing active sessions or isolating the network.