Wipro Expands Palo Alto Networks Partnership With Cortex XSIAM and CybershieldSM to Deliver AI‑powered Cyber Defense

Wipro Limited (NYSE: WIT, BSE: 507685, NSE: WIPRO), a leading AI-powered technology services and consulting company, announced the expansion of its partnership with Palo Alto Networks, the global AI cybersecurity leader, to offer AI-driven Managed Detection and Response (MDR) services.

The partnership brings together Palo Alto Networks’ Cortex XSIAM with CyberShieldSM, Wipro’s managed security services capabilities in a more focused offering for modern security operations. The new offering will deliver proactive cyber defense with simplified workflows using machine learning, AI, and automation to predict and protect against future attacks. It will enable faster detection and response across complex environments, while filtering signals from noise, improving analyst efficiency, and increasing focus on critical, high-impact threats.

This offering is supported by Wipro’s WEGA and WINGS, AI delivery platforms that are a part of Wipro Intelligence™, suite of AI-powered platforms, solutions, and transformative offerings for workflow orchestration, service transition, and automation at scale across security operations.

“As organizations navigate a rapidly evolving landscape marked by accelerated AI adoption, the need for robust governance and strategic cost management has never been greater,” said Satish Yadavalli, Global Business Head - Cloud, Infrastructure, and Security Services, Wipro Limited. “Together with Palo Alto Networks, we are able to transform security operations through AI, automation, and platform consolidation, strengthening organizations’ security environments while optimizing costs and improving outputs.”

The expanded relationship builds on an existing foundation with Palo Alto Networks across cloud, network and security transformation, and reflects growing demand from clients for more integrated, AI-led security operations.

“AI-manufactured attacks require an AI-powered defense, and our partnership with Wipro helps deliver just that,” said Simone Gammeri, Senior Vice President and Chief Partnership Officer at Palo Alto Networks. “Our combined capabilities empower mutual customers to consolidate tools, eliminate data silos, and leverage AI and automation to reduce noise, accelerate response from days to minutes, and ultimately stop even the most sophisticated threats.”

The MDR services are delivered through Wipro’s eight Cyber Defense Centers (CDCs), anchored by the proprietary SOC GURU (Grand Unified Runbook Unleashed) framework—a unique IP that drives SOC transformation through attack- and alert-agnostic analysis. This unified, adaptive approach is designed to strengthen threat detection and response while supporting more resilient security operations.

This approach is already reflected in a recent engagement with a European gaming and entertainment leader, where Wipro and Palo Alto Networks helped transform security operations in a complex enterprise environment to deliver improved productivity, accelerated response, and reduced costs.





About Wipro Limited

Wipro Limited (NYSE: WIT, BSE: 507685, NSE: WIPRO) is a leading AI-powered technology services and consulting company focused on building innovative solutions that address clients’ most complex digital transformation needs. Leveraging our consulting-led approach and the Wipro Intelligence™ unified suite of AI-powered platforms, solutions and transformative offerings, we help clients realize their boldest ambitions to build intelligent and sustainable businesses. The Wipro Innovation Network–part of the Wipro Intelligence™ suite–underpins our commitment to client-centric co-innovation and co-creation by bringing together capabilities from the innovation labs and partner labs, academia, and global tech communities. With over 240,000 employees and business partners across 65 countries, we deliver on the promise of helping our customers, colleagues, and communities thrive in an ever-changing world. For additional information, visit us at www.wipro.com.

NetApp and Cisco Collaboration Strengthens Defense-in-Depth for Enterprise Cyber Resilience

• New NetApp Splunk SOAR playbook helps contain ransomware attacks and limit data loss

NetApp® (NASDAQ: NTAP), the Intelligent Data Infrastructure company, and Cisco, (NASDAQ: CSCO) today announced an expansion of their collaboration to help customers strengthen defense-in-depth strategies for customers. Combining Intelligent Data Infrastructure with advanced analytics and observability capabilities, NetApp and Splunk have delivered deep, real-time visibility into storage and infrastructure health. Together, they are helping customers turn operational data into actionable insights that improve reliability, security, and business outcomes. By expanding their collaboration with the new NetApp Splunk Security Orchestration, Automation, and Response (SOAR) playbook, NetApp and Splunk are helping joint customers contain ransomware attacks and limit data loss at the storage layer, enhancing the containment of the blast radius of cyberattacks while increasing the speed and reducing the cost of recovery.

“With AI accelerating both the speed and sophistication of cyberattacks, the window to respond has never been smaller,” said Sandeep Singh, Senior Vice President and General Manager, Platform at NetApp. “To limit the cost and impact of ransomware, organizations must act the moment a threat is detected, which means extending security automation into the storage layer where data lives. As the company delivering the most secure storage on the planet, NetApp is uniquely positioned to make storage an active part of a defense-in-depth strategy. By working with Cisco to enable Splunk SOAR workflows to take direct action on data stored in NetApp ONTAP®, we’re helping make a defense-in-depth security strategy simpler and more effective.”

To give customers the resiliency and flexibility they need to protect their data, Cisco and NetApp are releasing the NetApp Splunk SOAR playbook. Splunk Enterprise Security is already integrated with NetApp Ransomware Resilience to collect analytics from the data layer, enhancing incident triage and prioritization. With the new playbook, Splunk SOAR users can now use those signals as well as signals from other solutions to automatically take incident response actions directly on NetApp ONTAP storage as an integral part of their incident response. These actions include blocking a suspicious user, taking snapshots of the data and taking data volumes offline to protect against further infection. As a result, customers will be better able to contain ransomware attacks and limit data loss at the storage layer. Utilized as part of the organization’s defense in depth security strategy, the NetApp Splunk SOAR playbooks help to strengthen collaboration between security and storage teams.

Automating the response and recovery actions against cyber threats with the NetApp Splunk SOAR playbook improves security team metrics like mean time to contain (MTTC) and reduces the manual effort and skills required to protect data. As a result, NetApp and Cisco are making it faster and more efficient for enterprises to achieve cyber resilience.

“Effective security strategies require visibility and action across the entire technology stack, including the data layer,” said David Dalling, GVP, Splunk Security at Cisco. “With the new NetApp Splunk SOAR playbook, ONTAP storage becomes an active participant in the security ecosystem, enabling organizations to contain threats directly targeting enterprise data. By connecting NetApp storage into Splunk SOAR workflows, we’re helping security and storage teams collaborate more seamlessly and respond to incidents with greater speed and confidence.”

“The partnership between Splunk and NetApp helps customers run their businesses more securely and effectively, connecting operations across storage and security teams,” said Dallas Olson, Chief Commercial Officer at NetApp. “By giving customers real-time visibility into what’s happening across their environments, NetApp and Splunk enable enterprises to reduce disruption and optimize performance so they can use their data to drive measurable business outcomes.”

The NetApp Splunk SOAR playbook is now available to download from SplunkBase.

Additional Resources Cyber Resilience: The Most Secure Storage on the Planet
Ransomware Resilience: Ransomware Protection Using AI-Based Detection

About NetApp

For more than three decades, NetApp has helped the world’s leading organizations navigate change – from the rise of enterprise storage to the intelligent era defined by data and AI. Today, NetApp is the Intelligent Data Infrastructure company, helping customers turn data into a catalyst for innovation, resilience, and growth.

At the heart of that infrastructure is the NetApp data platform – the unified, enterprise-grade, intelligent foundation that connects, protects, and activates data across every cloud, workload, and environment. Built on the proven power of NetApp ONTAP, our leading data management software and OS, and enhanced by automation through the AI Data Engine and AFX, it delivers observability, resilience, and intelligence at scale

Disaggregated by design, the NetApp data platform separates storage, services, and control so enterprises can modernize faster, scale efficiently, and innovate without lock-in. As the only enterprise storage platform natively embedded in the world’s largest clouds, it gives organizations the freedom to run any workload anywhere with consistent performance, governance, and protection.

With NetApp, data is always ready – ready to defend against threats, ready to power AI, and ready to drive the next breakthrough. That’s why the world’s most forward-thinking enterprises trust NetApp to turn intelligence into advantage.

About Cisco

Cisco (NASDAQ: CSCO) is the worldwide technology leader that is revolutionizing the way organizations connect and protect in the AI era. For more than 40 years, Cisco has securely connected the world. With its industry leading AI-powered solutions and services, Cisco enables its customers, partners and communities to unlock innovation, enhance productivity and strengthen digital resilience. With purpose at its core, Cisco remains committed to creating a more connected and inclusive future for all. Discover more on The Newsroom and follow us on X at @Cisco.

Cisco and the Cisco logo are trademarks or registered trademarks of Cisco and/or its affiliates in the U.S. and other countries. A listing of Cisco’s trademarks can be found at http://www.cisco.com/go/trademarks. Third-party trademarks mentioned are the property of their respective owners. The use of the word ‘partner’ does not imply a partnership relationship between Cisco and any other company.

Tech Mahindra, Cisco Unveil Cyber Resilience Fabric for Unified Enterprise Security

Tech Mahindra and Cisco have jointly launched the Cyber Resilience Fabric, a next‑generation enterprise security solution integrating Cisco’s Splunk Enterprise Security with Tech Mahindra’s Risk Scoring platform.

Cyber Resilience Fabric empowers enterprises to move beyond traditional alert triage toward risk‑aligned, Business driven security decisions. By embedding intelligence‑based prioritization into workflows, it enhances early threat detection, precise response, and resilient recovery of mission‑critical services. The solution addresses a pressing industry challenge—expanding attack surfaces and rising operational complexity—while enabling faster, more effective incident management. 

Key Technical Features

• Unified Visibility: Aggregates alerts from diverse sources—network traffic, application logs, endpoint activity, cloud workloads, and identity systems—into one operational layer. 
• Splunk Integration: Uses Cisco’s Splunk Enterprise Security for real‑time monitoring and analytics. Cisco’s Splunk Enterprise Security ingest and normalize massive volumes of security data.  
• Risk Scoring: Tech Mahindra’s proprietary platform applies contextual risk prioritization to security events.
• AI‑Driven Analytics: Applies machine learning to distinguish genuine threats from operational noise. Enhances triage accuracy, reduces operational noise, and accelerates incident response.
• Decision Support: Enables proactive, risk‑led decision‑making instead of reactive alert management.

Strategic Benefits

• For CISOs/CIOs/CTOs: Provides deeper visibility into cyber risk posture, governance alignment, and compliance.
• Operational Efficiency: Reduces alert fatigue and fragmented SOC responses.
• Resilience Focus: Shifts security from attack prevention to operational continuity during and after attacks.
• Automation: Embeds intelligence‑driven prioritisation into workflows for faster incident management.

Comparative Context

Feature	Cyber Resilience Fabric	Traditional SOC Tools
Integration	Splunk + Risk Scoring	Standalone monitoring
Analytics	AI‑assisted, contextual	Rule‑based, static
Risk Prioritisation	Business‑aligned	Alert‑centric
Visibility	Unified across infra	Fragmented
Response	Faster, risk‑led	Slower, reactive

Risks & Considerations

• Adoption Complexity: Enterprises must integrate existing SOC workflows with the new unified fabric.
• Data Governance: Ensuring compliance with sector‑specific regulations.
• Operational Change: Requires cultural shift from alert‑driven to risk‑driven security operations.

Saket Singh, SVP & Business Head – Digital Core Services (Cloud, Infrastructure, Network and Cyber Security Services), Tech Mahindra, said, “In today’s hyper-connected enterprise landscape, the growing scale and sophistication of cyber threats are overwhelming traditional security operations, often leading to delayed detection and fragmented response. Through our partnership with Cisco, we are addressing this challenge by combining contextual risk intelligence with AI-driven analytics to help enterprises move from reactive alert management to proactive, risk-led decisioning. Cyber Resilience Fabric will enable faster detection, prioritized response, and stronger operational resilience.”

Shannon Leininger, SVP, Global Partner Sales & Splunk Channel Chief, Cisco, said, “The convergence of data, AI, and security is non-negotiable for modern enterprises. By integrating Splunk’s and Tech Mahindra’s unique capabilities, we are accelerating our customers' ability to prioritize effectively and automate their defense, delivering real, measurable digital resilience.”

Databricks Unveils Lakewatch to Help Enterprises Fight AI-Driven Cyberattacks

Databricks, the Data and AI company, today announced Lakewatch, a new open, agentic SIEM (Security Information and Event Management) designed to help organizations defend against increasingly sophisticated agent attackers. Lakewatch unifies security, IT, and business data into a single, governed environment for AI detection and response. With open formats and an open ecosystem, Lakewatch enables customers to ingest, retain and analyze unprecedented volumes of multi-modal data, while slashing costs and eliminating vendor lock-in. Security teams gain complete visibility across the enterprise and can deploy defensive security agents to automate threat detection and response at massive scale. Lakewatch is now available in Private Preview.

Defending at Machine Speed

AI threats are evolving at a speed and complexity that goes beyond human-led defenses. Attackers can now deploy agents to continuously scan systems, discover vulnerabilities, and execute coordinated attacks at machine speed. Defenders remain constrained by incomplete data, manual workflows, and siloed architectures. High ingestion costs force them to discard up to 75% of their data. This creates a dangerous asymmetry: attackers use AI agents to attack anywhere, while defenders see only a fraction of their own data and are limited by how fast their teams can react.

Lakewatch closes this gap by enabling organizations to unify all their data in open formats so they can analyze years of data cost-effectively without moving or duplicating it. This includes multi-modal data like video and audio to identify social engineering, insider threats, and anomaly detection. With Lakewatch, swarms of AI agents automate detection, triage, and threat hunting to meet machine-speed attackers with machine-speed defense.

“Security teams can no longer rely on manual workflows to outpace AI-driven attacks,” said Ali Ghodsi, Co-Founder and CEO of Databricks. “With Lakewatch, we are giving enterprises a new open data architecture and agentic capabilities to replace stagnating SIEM tools. Defenders must have even better visibility and speed than today’s agent attackers.”

Open, Agentic SIEM for Enterprise Speed and Scale

Lakewatch is designed to deliver agentic security atop the scale of an open security lakehouse. Key features include:

• Agentic Triage and Investigation: Build, optimize, and deploy custom security agents with Agent Bricks to handle complex workflows end-to-end. Agents parse and enrich telemetry across hundreds of formats to reduce Mean Time to Detect & Respond (MTTD/R), while remaining inside the secure, governed environment where data already lives. 
• Automated Security Intelligence: Integrated with Genie, Lakewatch automates triage, plans multi-step approaches, and helps enterprises reduce alert fatigue, leaving more time for analysts to focus on high-impact threats. 
• Open Ecosystem: Unify all structured and unstructured security data on one open, cloud-agnostic platform that integrates with any tool to identify social engineering, insider threats, and anomaly detection. Databricks’ new Open Security Lakehouse Ecosystem is a fast-growing group of leading security vendors and delivery partners, including Anvilogic, Arctic Wolf, Cribl, Obsidian, Okta, Palo Alto Networks, 1Password, Panther, Proofpoint, Rearc, Slack, TrendAI, Wiz (now part of Google Cloud), and Zscaler.
• Detection-as-Code: Manage detections as code with automated testing and deployment to ensure defense is always version-controlled and verified.
• Governance and Compliance at Scale: Enable compliance and consistent policy enforcement with Unity Catalog. Access cost-effective, long-term retention out of the box, helping global enterprises meet rigorous new mandates such as NIS2 and DORA.

Enterprise organizations use Lakewatch to unify their data and detect threats faster with AI. Lakewatch customers include industry leaders like Adobe and Dropbox.

“As the volume of security data grows, organizations need new ways to analyze and act on that information quickly and at scale,” said Karthik Venkatesan, Security Engineering Lead at Adobe. “Databricks provides the foundation needed to move from data-driven to AI-driven approaches for security operations, and Lakewatch is an important step toward bringing security intelligence closer to where data already lives.”

Deepening Partnership with Anthropic

Building on the success of the two companies’ existing strategic partnership, Databricks and Anthropic are deepening their collaboration to deliver agentic security operations. Anthropic Claude models help power Lakewatch, using Claude's advanced reasoning capabilities to correlate signals across security, IT, and business data to surface threats faster. Anthropic also uses Databricks for its own security lakehouse to gain complete visibility across its security and business data and detect threats earlier.

Expanding Security Leadership with Antimatter and SiftD.ai Acquisitions

To advance its open, agentic SIEM approach, Databricks is announcing the acquisitions of both Antimatter and SiftD.ai. Antimatter was founded by UC Berkeley security researchers who laid the foundation for provably secure authentication and authorization for AI agents. SiftD.ai, founded by the creator of Splunk’s Search Processing Language (SPL) and lead architects of Splunk's search stack, will bring deep expertise in large-scale detection engineering and modern threat analytics.

Availability

Lakewatch is now available in Private Preview. Read more about Lakewatch on the Databricks blog.