Cisco has announced a major expansion of its security portfolio designed specifically for the Agentic AI ecosystem. Recognizing that AI is shifting from a conversational tool to an autonomous workforce, Cisco is introducing new protocols to manage agentic identities, harden models against adversarial attacks, and automate security operations (SOC) at machine speed. According to a Cisco survey, while 85% of enterprises are experimenting with AI agents, only 5% have moved them into production—a gap Cisco aims to close by providing the necessary security guardrails.
Zero Trust for Agents: Cisco is extending Duo IAM to register and map AI agents to accountable human owners.
Cisco AI Defense - Explorer Edition: A new self-service red teaming toolkit for developers to test agents for prompt injection and jailbreaks before deployment.
Agent Runtime SDK: Embeds security policies directly into frameworks like AWS Bedrock, Google Vertex, and Azure AI Foundry.
DefenseClaw: An open-source secure agent framework that automates scanning, sandboxing, and inventory of AI assets.
Agentic SOC Expansion: Splunk (a Cisco company) is launching specialized AI agents for triage, malware reversing, and automated response.
LLM Security Leaderboard: A new transparent resource for evaluating model risk and susceptibility to manipulation.
Cisco is addressing the "identity crisis" of non-human workloads by treating AI agents like new employees. Through Agent Identity Management, every agent is assigned a verified identity in Duo IAM and mapped to a human manager. This ensures traceability and allows for Strict Access Control, where agents are given fine-grained, time-bound permissions via an MCP (Model Context Protocol) gateway. This prevents "over-privileged" agents from accessing sensitive data they don't need for their specific tasks.
"AI agents aren't just making existing work faster; they're a new workforce of co-workers," said Jeetu Patel, President and Chief Product Officer at Cisco. "Security teams are the key to unlocking this opportunity by making the agentic workforce safe enough to trust."
To ensure agents aren't corrupted by external prompts or malicious data, Cisco launched AI Defense: Explorer Edition. This tool allows AppSec teams to conduct multi-turn adversarial testing (red teaming) on their models. Furthermore, the Agent Runtime SDK allows developers to "bake" security into the agent's code at build time, supporting popular frameworks like LangChain and Azure AI Foundry.
Cisco also introduced DefenseClaw, a framework that hooks into NVIDIA’s OpenShell to provide automated runtime security. It includes:
Skills Scanner: Checks agent capabilities for malicious intent.
AI BoM (Bill of Materials): Automatically inventories all AI assets.
CodeGuard: Ensures that code generated or used by agents is secure.
To counter attackers who are already using AI to build automated exploit kits, Cisco is evolving the SOC into an Agentic SOC. By integrating specialized AI agents into Splunk Enterprise Security, analysts can move from manual research to proactive defense.
Malware Threat Reversing Agent: (Available now) Automatically analyzes and deconstructs malware samples.
Triage & SOP Agents: (Launching June 2025) Automate the initial evaluation of alerts and guide analysts through standard operating procedures.
Exposure Analytics: Provides real-time risk scoring and relationship mapping for all users and assets.
"The evolution of the SOC from reactive to proactive is now a necessity," said Ryan Morris, President at Blackwood. "Cisco is empowering analysts to move beyond manual triage and prioritize the most important threats quickly."
About Cisco
Cisco (NASDAQ: CSCO) is the worldwide technology leader revolutionizing how organizations connect and protect in the AI era. With 40 years of experience, Cisco’s AI-powered solutions enable customers to unlock innovation and strengthen digital resilience.
TechIntelPro empowers B2B technology decision-makers with the latest industry trends, deep insights, leadership perspectives and actionable intelligence to drive both organizational and professional milestones—and thrive on the tech pulse.