AI is changing security on both sides of the line.
The Mythos moment has shown how frontier models can accelerate vulnerability discovery and dramatically compress the time for defenders to understand exploitable attack paths and act.
At the same time, enterprises are increasingly putting agents to work. The OpenClaw moment showed that agents are not just another interface to generative AI. They are actors. They use tools, call APIs, access systems, move data, write code, and trigger workflows.
The ramifications are a changed threat model and new priorities for security teams.
Over the past year, Cisco has helped define what security in the agentic era requires: protecting AI infrastructure, AI applications, securing the AI supply chain, extending zero trust to agents, and helping defenders use AI to respond faster.
This week at Cisco Live, we are moving that work forward across three imperatives: hardening infrastructure and putting new defenses in place, securing agents in the enterprise, and using agents to speed response so defenders can meet the moment.
When AI-powered adversaries can move faster, defenders need to reduce exposure faster.
That is the core idea behind Cisco’s Shields Up guidance for the age of AI-enabled attacks. Shields Up is not one product or one control. It is a posture: harden what matters, understand exposure and prioritize, validate defenses, hunt proactively, and respond with greater confidence when the clock is compressed.
Cisco’s participation in Project Glasswing and the Trusted Access for Cyber program reflects that same mindset. By applying advanced AI capabilities to help identify and address potential vulnerabilities before they can be exploited, we are actively hardening our products and services, strengthening their resilience, and building defenses that match the new pace of attack.
Today marks another milestone in that journey: Live Protect is now generally available on Nexus, with plans to expand across the broader Cisco portfolio.
Live Protect addresses one of the hardest realities security and infrastructure teams face: the gap between knowing about a vulnerability and applying a permanent fix. Live Protect inserts Cisco-validated runtime protections for Cisco infrastructure, allowing operators to reduce exposure immediately while they test, schedule, and deploy the permanent patch through normal change-control processes. It is not a replacement for patching, rather, it is an effective way to close the discovery-to-fix timeline while preserving uptime.
To further strengthen confidence in these protections, we are also excited to announce a collaboration with Armadin, a leading AI-native offensive cybersecurity company. Cisco and Armadin will share vulnerability threat research and work together to red team Live Protect shields against real-world exploit techniques.
Cisco Hybrid Mesh Firewall, together with Splunk Enterprise Security, helps extend protection and visibility across hybrid environments, bringing firewall intelligence, workload context, and security analytics together so teams can detect, investigate, and act faster.
And as many teams are stretched too thin to hunt for threats, our expanded Cisco Talos Proactive Threat Hunting service helps customers find threat actor activity that may live between alerts, using expertise and telemetry across endpoint, firewall, and identity signals.
The first imperative is clear: strengthen infrastructure before the attack, protect it while risk is active, and give defenders advanced capabilities to discover and address active attack paths and exposure risks.
The second imperative is to secure the agents now entering the enterprise. At RSAC, we framed security for agents around three requirements:
This week at Cisco Live, we are advancing that model.
Protecting agents from the world must account for two different models: organizations that are building agents, and organizations that are adopting them.
For agents that organizations build themselves, security has to span the full lifecycle: discovery, supply chain security, red teaming, and runtime protection. Cisco AI Defense is designed for that. This week we are extending it with customer-specific security tests and guardrails, automated supply chain risk checks, and broader coverage across the environments where customers are building agents.
But another model is emerging just as quickly: organizations are adopting local agents such as OpenClaw, Claude Code, and OpenAI Codex. These aren’t the same as applications moving through a typical development lifecycle. They are endpoint agents that reason, deploy quickly and interact directly with files, tools, code, and applications.
That is what created the OpenClaw moment: the point when the risk became concrete. Powerful local agents were acting inside enterprise environments before enterprise controls had fully caught up.
At RSAC, Cisco responded by releasing DefenseClaw as open source to help the community address this urgent new challenge—detecting threats across user prompts, installed skills, connected Model Context Protocol (MCP) servers, and more. DefenseClaw uses NVIDIA OpenShell at the secure runtime for developing and deploying autonomous agents in sandboxed environments, OpenShell provides the isolated execution boundary and enforces sandbox policies that constrain agent activity.
At Cisco Live, we are taking the next step by making DefenseClaw enterprise-ready and integrating it into Cisco Secure Client. That brings agent protection into a broadly deployed client that organizations already use for visibility, posture, and trusted access.
The same Secure Client that helps protect local agents with DefenseClaw can steer agent traffic to Cisco Secure Access SSE for inspection and enforcement. That makes Secure Client the bridge from protecting agents from the world to protecting the world from agents—giving agents the access they need to do their jobs without allowing them to act outside their guardrails.
At RSAC, we also announced Zero Trust for Agents, combining agentic identity in Duo with enforcement through MCP in Secure Access SSE. This was an important step, but MCP is only one part of the agent workflow. Agents operate across multiple systems within a single task: interacting with LLMs, MCP servers, APIs, and the web, each with different credentials and policies.
This week, we are extending Secure Access with an Agent Gateway, bringing one enforcement point, one policy framework, and one audit trail across more of the agent workflow—including agents that directly access data and act through APIs. We are also adding multi-turn LLM controls, so security can evaluate the back-and-forth between the agent and the model as the agent reasons, plans, and adapts.
The goal is access that is just-in-time, just enough, and just long enough to complete the job—without embedded credentials or long-lived tokens. These innovations represent a major step toward that goal.
The third imperative is to put agents to work for defenders—not as another tool, but as part of a better operating model.
Security teams already have too many tools, too many alerts, too much context switching, and too little time. AI-speed threats will not be solved by asking people to manually stitch together more data across more consoles. Defenders need shared context, trusted automation, and a faster path from signal to action.
Agents can help, but only when they are grounded in a platform that brings the right context together.
That is where Cisco Cloud Control and AgenticOps come in. Cisco is bringing security, network, infrastructure, and now, identity, into a shared operating environment so people and trusted agents can work from the same data, understand the same dependencies, and take action.
Identity is a critical anchor because so many security responses start with understanding the actor. Who or what is taking action? What should they be allowed to do? Does the behavior match what we expect?
By connecting identity with the network, infrastructure, and security context, Cisco Cloud Control gives agents the cross-domain telemetry they need to help defenders correlate evidence, troubleshoot issues, and recommend policy changes.
The same shift is happening in the SOC. Splunk is advancing the Agentic SOC with AI capabilities designed to help analysts triage, investigate, and respond faster while keeping humans in control. The goal is not to replace judgment. It is to reduce complexity, accelerate response, and help defenders act with confidence when activity is moving at machine speed.
Mythos is ultimately about a coming wave of highly advanced attacks at machine speed and high prevalence. And so comprehensive visibility is an absolute requirement in this new world. The network is the key asset that can provide visibility and more.
In the agentic era, the network is not just connectivity. It is the source of truth for how users, devices, workloads, applications, APIs, data, and agents actually interact. Context provided by the network is what allows security teams to understand behavior, enforce trust, and respond with confidence across domains.
Security for the agentic era means resilient infrastructure, governed agents, network-enforced trust, AI-assisted operations, faster response, and people in control.
The innovations we are announcing this week at Cisco Live are steps along that path: toward infrastructure that is harder to exploit, agents that are safer to use, operations that move with greater speed, and security teams that can act with confidence.
That is how Cisco is helping customers become more resilient—and helping security teams protect, detect and respond with confidence in the agentic era.
Some products or features described may be in various stages of development and offered on a when-and-if available basis. Cisco reserves the right to change delivery timelines and will have no liability for any delays or failures to deliver.
We’d love to hear what you think! Ask a question and stay connected with Cisco Security on social media.
Cisco Security Social Media
此内容由惯性聚合(RSS阅读器)自动聚合整理,仅供阅读参考。 原文来自 — 版权归原作者所有。