Cisco is set to revolutionize the field of cybersecurity with groundbreaking innovations tailored for the agentic AI ecosystem, where software transitions from merely responding to queries to taking action. During the RSA Conference 2026, Cisco will showcase its new solutions aimed at addressing security challenges related to AI and overcoming significant barriers to the adoption of these technologies. By establishing trusted identities, implementing stringent Zero Trust Access controls, reinforcing agents prior to deployment, instituting guardrails during operation, and equipping security operations center (SOC) teams with tools for rapid threat resolution, Cisco is laying down a security foundation crucial for the growing AI economy.
“AI agents are not just about accelerating existing tasks; they represent a new tier of collaboration that can significantly enhance organizational capabilities,” stated Jeetu Patel, President and Chief Product Officer at Cisco. “With these agents, projects that were previously stalled due to resource limitations are now attainable. The only boundary is creativity, and security teams play a vital role in harnessing this potential by ensuring that the agentic workforce is reliable and secure enough to be trusted.”
In a recent survey conducted by Cisco among major enterprises, 85% reported experimenting with AI agents, but only 5% had deployed agentic technology in a production environment.
To unlock the immense potential of AI agents, Cisco has identified three critical pillars for securing the agentic workforce: first, ensuring that the world is protected from agents so they can act as intended; second, safeguarding agents from external threats to prevent manipulation or corruption; and third, enabling the swift detection of and response to AI-related incidents.
Protecting the World from Agents: Building Trust Before Deployment
Like any new hires, AI agents require thorough onboarding to establish their identities, comprehend their roles, and be linked to accountable human managers. However, many enterprises currently do not know which agents are in operation or who is responsible if something goes wrong. Existing Security Service Edge (SSE) tools are not designed to enforce time-sensitive access for agent workloads, nor do they grasp the context behind agent requests.
The 2025 Cisco Talos Year in Review highlights that attackers predominantly target components involved in user authentication, access enforcement, or trust brokerage between systems. This focus on identity is expected to intensify with the growth of agentic workloads.
To confront these challenges, Cisco is enhancing Zero Trust Access for AI agents, ensuring that each agent is accountable to a human employee and that their actions are secured. The new capabilities from Duo IAM integrate novel policy enforcement and context-aware monitoring within Cisco Secure Access, enabling organizations to gain comprehensive visibility and governance over their agentic workforce. These features include:
- Agent Identity Management: Customers can register agents in Duo IAM and assign them to accountable human owners, ensuring verifiable identities and traceable actions.
- Agent and Tool Visibility: Cisco Identity Intelligence uncovers both agentic and non-human identities to enhance organizational understanding of existing AI usage.
- Strict Access Control: Agents receive specific permissions necessary for their designated tasks for limited timeframes, with all tool traffic routed through an MCP gateway to eliminate blind spots.
“Organizations are eager to adopt AI but need to avoid creating security gaps. Cisco’s Zero Trust Access for AI agents offers visibility into agentic identities while restricting access strictly to essentials,” remarked Jeremy Nelson, CISO North America at Insight. “We’re excited to provide these capabilities to secure our clients’ data as they expand their AI initiatives.”
“In this rapidly evolving environment of agentic technology, maintaining strict access control for AI agents is crucial yet challenging when using legacy tools made for human operators. This inconsistency leads to enforcement gaps that agents will inevitably exploit,” explained Fernando Montenegro, Vice President & Practice Lead, Cybersecurity & Resilience at Futurum. “Cisco’s platform approach effectively aims to modernize tools and ensure a consistent, adaptive security posture for AI agents.”
Protecting Agents from External Threats: AI Defense Ensures Workforce Safety
As companies hasten to integrate AI agents within complex and decentralized environments, Cisco is bolstering AI Defense with powerful tools that assist organizations in testing, trusting, and securing their AI agents and their interrelations.
Traditional scanning methods fall short, as they cannot emulate the real-world threats faced by agents, which often involve prolonged interactions and access to various tools and resources.
To empower organizations in meeting these challenges, Cisco is democratizing its exceptional AI Defense capabilities by launching Cisco AI Defense: Explorer Edition. This self-service solution is built on the trusted core AI Defense Validation engine utilized by Global 2000 companies. Users can engage in red teaming AI models and applications slated for agentic workflows, allowing them to assess vulnerability to attacks and measure risk posture prior to deployment. This toolkit empowers AI developers, AppSec teams, and security analysts to construct and fortify AI agents.
At launch, Cisco AI Defense: Explorer Edition features:
- Dynamic Agent Red Teaming: Conduct comprehensive adversarial testing for models and applications that facilitate agent workflows using Cisco’s tailored red teaming framework.
- Model and Application Security Testing: Validate resilience against prompt injection, jailbreaks, and other unsafe outputs.
- Simple Security Reporting: Gain actionable security insights for AI, which can be exported for compliance reviews.
- API-First Access: Interface with CI/CD systems for GitHub Actions, GitLab, Jenkins, and custom pipelines.
- Team Collaboration: Invite colleagues and upgrade to AI Defense Enterprise for advanced role-based access control (RBAC).
Additionally, Cisco is unveiling the Agent Runtime Software Development Kit (SDK), embedding policy enforcement directly into agent workflows during build time. This SDK supports major frameworks including AWS Bedrock AgentCore, Google Vertex Agent Builder, Azure AI Foundry, and LangChain, among others.
Cisco is also introducing the LLM Security Leaderboard, a resource for evaluating model risk and vulnerability to adversarial attacks. This tool offers transparency in evaluation signals, situating model performance metrics against assessments of how models respond to malicious prompts, jailbreak attempts, and other manipulation tactics. It provides organizations with a clear understanding of model risks and informs comprehensive defense strategies for AI deployments.
Together, these capabilities allow organizations to transition from pilot phases to full production with assurance, knowing that their agents have been rigorously tested, benchmarked, and fortified before being introduced into production systems.
Collaboration is paramount in security, and Cisco continues to champion transparency and teamwork. Following last year’s launch of its first open source foundation AI model at the RSA Conference, Cisco is today introducing DefenseClaw, a secure agent framework designed to remove friction between security and development. By combining a range of essential open source tools (including Skills Scanner, MCP Scanner, AI BoM, and CodeGuard), DefenseClaw ensures that every skill is scanned and sandboxed, every MCP server is verified, and every AI asset is automatically inventoried, enabling developers to deploy secure agents faster and with greater confidence.
DefenseClaw’s features will seamlessly integrate with NVIDIA’s OpenShell, enhancing an ongoing partnership designed to provide robust automated security at the runtime level. By consolidating these capabilities into a single framework, Cisco removes the need for manual security processes or separate tool installations, allowing organizations to maintain zero-trust integrity while scaling their agentic workforces.
Detect and Respond at Machine Speed: Fortifying the Agentic SOC
AI technologies represent a double-edged sword. The recent Talos Year in Review highlights that vulnerabilities like React2Shell have been swiftly and automatically exploited, potentially driven by the use of agentic AI to assemble new exploitation kits.
Ironically, the same AI agents that create new security challenges can also serve as valuable tools for defenders. Today’s SOC analysts are inundated with alerts and fragmented data, often investing more time in research than in actual response efforts.
As part of Cisco’s security portfolio, Splunk has already begun embedding AI within key SOC workflows. It is now advancing the SOC from a reactive stance to a proactive approach by offering:
- Exposure Analytics: Integrated into Splunk Enterprise Security by default, providing an always-updated inventory of all assets and users alongside real-time risk scoring and relationship mapping for comprehensive visibility using data already ingested by organizations.
- Detection Studio: A unified workspace that simplifies the entire detection engineering cycle—planning, building, testing, deploying, and monitoring detections—while automatically mapping detection coverage against the MITRE ATT&CK framework to identify and close gaps effectively.
- Federated Search: A unified search capability that enables SOC analysts to uncover and correlate data across various environments, lowering costs and speeding up investigations.
- The Agentic SOC Expansion: Specialized AI agents—including the Detection Builder Agent, Standard Operating Procedures (SOP) Agent, Triage Agent, Malware Threat Reversing Agent, Guided Response Agent, and Automation Builder Agent—advance beyond mere data presentation to active evaluation and task execution. By automating security workflows, security responsibilities transform from bottlenecks to accelerators, empowering the SOC to operate at machine speed and scale.
“The shift of the Security Operations Center from a reactive to a proactive model has become essential in today’s threat landscape. By introducing specialized AI agents, Cisco is equipping analysts to swiftly prioritize the most critical threats over labor-intensive manual processes,” noted Ryan Morris, President of Blackwood. “This innovation is crucial for enabling security teams to keep pace with the growing demands and complexities of SOC operations.”
Detection Studio and Malware Threat Reversing Agent are currently available, while Exposure Analytics, SOP Agent, and Federated Search are anticipated to launch in April and May. Automation Builder Agent and Triage Agent are expected to debut in June, with Detection Builder Agent and Guided Response Agent slated for prerelease testing in June 2026.