Cisco has expanded its Duo platform from multifactor authentication (MFA) to a full-fledged Identity and Access Management (IAM) solution, aimed squarely at today’s persistent identity-based threats. This shift comes as identity plays a central role in modern attacks. According to Cisco Talos, identity factored into 60% of incidents in 2024.
"We've seen the onslaught of identity attacks raising to the point where 60% of attacks are including identity as a key component, and possibly like 80–90% involve identity in some way or another. So identity is there, kind of almost ubiquitous for all of these attacks. So that's super important," said Matt Caulfield, VP of Product, Identity at Cisco.
Cisco’s move is grounded in the belief that legacy, traditional IAM providers have failed to prioritize security. “They’re mainly focused on productivity, which is important, but that’s a very different outcome than security,” Caulfield added. “A lot of other solutions treat security as a way to have customers pay more for an additional capability, rather than including it as part of their basic packaging.”
Security-First IAM, Built for Modern Needs
Duo IAM is a full-stack identity and access management solution that puts security first and bakes protection into every layer of the stack. Organizations can now run Duo as a standalone IAM provider, with no third-party identity system required.
Organizations can continue to use existing identity providers, with Duo serving as a secure front door that provides a consistent experience across multiple backend systems. “Cisco itself uses seven different IDPs due to acquisitions, but we use Duo as our front door,” Caulfield explained. “That consistency helps our security team and improves the end-user experience.”
Duo IAM also supports side-by-side deployments, enabling use cases like isolating contractors from core user directories—adding flexibility in managing risk based on user type.
Phishing Resistance Without Hardware Hassles
With phishing threats becoming increasingly automated and sophisticated, Cisco has also rolled out a hardware-free approach to strong authentication. Duo's new Proximity Verification uses Bluetooth Low Energy to confirm that the user’s mobile device is physically near their computer during login.
“This means your phone is your key,” Caulfield noted. “You don’t need to go buy hardware tokens that cost $30–$60 and eventually get lost. You use Duo Mobile on your phone, place it near your laptop, and authenticate using Face ID or fingerprint.”
Duo IAM also supports Complete Passwordless login and Session Theft Protection via enhancements to Duo Passport, which removes browser cookie dependency—another step toward minimizing exploit opportunities.
Bringing Identity Intelligence into the Fold
Cisco also integrates its Identity Intelligence engine directly into Duo, giving security teams greater context and control. This includes assigning a trust score to each user based on a 360-degree view of their behavior and risk profile.
“We calculate a trust score for every user, whether trusted, untrusted, or suspicious,” Caulfield said. “That lets you apply policy based on risk and pinpoint who’s exposing your organization to threats. No matter what you have already in your environment, whether that's one identity provider or another, we pull the data together into identity intelligence so that we can understand each user from a user 360 perspective. The trust score is assigned on this basis and tells you if the users could be trusted, untrusted, or suspicious. We can drive policy based on that and help pinpoint which users are exposing your organization to the greatest level of risk.”
This unified visibility cuts across third-party IDPs and existing infrastructure, enabling more intelligent policy enforcement and targeted remediation.
Supporting MSPs and Regulatory Readiness
Duo IAM is designed with multi-tenant management in mind, enabling MSPs and MSSPs to manage multiple clients efficiently. “That can save a lot of operational cost,” Caulfield said. “But it also lets them offer more services because Duo now acts as a full IAM stack and directory.”
Importantly, the new phishing-resistant capabilities align with evolving regulatory requirements like NIST AAL3 and CMMC. “We know that a lot of customers look to their MSP partners to help them check all the boxes. This gives them a way to do that—without the cost or lifecycle burden of hardware keys,” Caulfield added.
The product has already been tested by 90 early customers in preview, and feedback has been strongly positive. “People appreciate that Duo is evolving, because they love the brand. This is our opportunity to do more with it,” Caulfield said.
Additionally, this marks a shift in how Duo engages MSPs. “We're making it possible for customers to not just run Duo as their MFA solution. You can now run Duo standalone. This is a big step forward,” said Caulfield. “We work with over 10,000 MSPs. They often ask, ‘How can I go all in on Duo?’ This is their opportunity.”
Cisco’s launch of Duo IAM is more than a feature expansion. It is a thought-through strategy that reframes identity as the foundation of enterprise security. Built to reduce friction, improve visibility, and give partners new value-added services to offer, Duo IAM is now entering the market to meet the identity security needs of a complex, AI-driven threat landscape.