惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

MyScale Blog
MyScale Blog
Microsoft Azure Blog
Microsoft Azure Blog
H
Help Net Security
N
News and Events Feed by Topic
Recent Announcements
Recent Announcements
D
Docker
M
MIT News - Artificial intelligence
L
LangChain Blog
I
InfoQ
奇客Solidot–传递最新科技情报
奇客Solidot–传递最新科技情报
P
Proofpoint News Feed
博客园_首页
MongoDB | Blog
MongoDB | Blog
美团技术团队
S
Schneier on Security
G
GRAHAM CLULEY
月光博客
月光博客
有赞技术团队
有赞技术团队
Vercel News
Vercel News
Scott Helme
Scott Helme
P
Privacy International News Feed
Last Week in AI
Last Week in AI
Recorded Future
Recorded Future
Threat Intelligence Blog | Flashpoint
Threat Intelligence Blog | Flashpoint
The Cloudflare Blog
Attack and Defense Labs
Attack and Defense Labs
Google Online Security Blog
Google Online Security Blog
Simon Willison's Weblog
Simon Willison's Weblog
量子位
S
Security @ Cisco Blogs
cs.CL updates on arXiv.org
cs.CL updates on arXiv.org
V
Visual Studio Blog
cs.AI updates on arXiv.org
cs.AI updates on arXiv.org
NISL@THU
NISL@THU
N
Netflix TechBlog - Medium
K
KPMG report finds enterprise disconnect between AI and its ROI | CIO
Recent Commits to openclaw:main
Recent Commits to openclaw:main
Spread Privacy
Spread Privacy
freeCodeCamp Programming Tutorials: Python, JavaScript, Git & More
小众软件
小众软件
罗磊的独立博客
Security Archives - TechRepublic
Security Archives - TechRepublic
T
Threatpost
L
Lohrmann on Cybersecurity
www.infosecurity-magazine.com
www.infosecurity-magazine.com
S
Security Affairs
Cloudbric
Cloudbric
爱范儿
爱范儿
H
Heimdal Security Blog
PCI Perspectives
PCI Perspectives

Cisco Blogs

Cisco Live 2026: Bringing the Future of Customer Experience to Las Vegas Edge opportunity for service providers: Turn infrastructure into new services MRC and SRv6: How Foundational Networking Innovations Are Enabling the Next Generation of AI Supercomputers The SMB Marketing Reset: Winning Customer Trust in a Digital-First Economy Inside the SOC: AI-powered DNS defense against ransomware Our Path Forward Securing the Federal Digital Experience with Cisco ThousandEyes for Government Cisco at ONUG Dallas 2026: Securing the AI Data Center in the Agentic Era Cisco and Red Hat are powering intelligent core to edge: Red Hat Summit insights Building the Capabilities That Win: How Cisco Partners Can Lead in the SMB & Mid-Market Era How Two Hours Felt Bigger Than My To-Do List Announcing Foundry Security Spec Ace the CCIE Collaboration Lab: Success Tips from a TAC Engineer Turned CCIE Powering an Inclusive Future: Your guide to the Purpose Pavilion at Cisco Live Las Vegas The Infrastructure Behind the Mission: SOF Week 2026 Cisco Networking App Marketplace Partners at Cisco Live 2026 Beyond the Pilot: Building the Clinical Data Fabric for the Agentic Era Benchmarking scale-out AI fabrics with Cisco N9000 + AMD Pensando™ Pollara 400 NICs Month of Developer Productivity: Build and Forget The race to autonomous transport networks: A new study Lean IT, future-ready: How to save time and simplify wireless management with AI Reading Between the Pixels: Failure Modes in Vision Language Models Biochar’s triple win: Healthier soils, improved crops, and decarbonization Designing a Proactive Customer Journey Modernize your data center operations with Cisco Nexus Dashboard Why your automation stack needs Cisco Agentic Workflows Try Cisco AI Defense Explorer Edition in this hands-on lab From Bandwidth to Intelligence: How Cisco is Powering AI-Ready Networks Spotlight on digital transformation | FY25 Purpose Report Galaxy Mode is live: A limited-time look at what your Cisco AI Assistant and AgenticOps can already do Securing the Agentic Workforce: Cisco Announces Intent to Acquire Astrix Security Understanding CISA BOD 26-02: Mitigating Risk from End-of-Support Edge Devices Digging Deeper: The Future of Mining with Automation and Ultra-Reliable Wireless Voices from the field: Helping farmers build resilient local economies across rural America Built like a startup, scaled like Cisco: Transforming data center cooling for the AI era Defining Model Provenance: A Constitution for AI Supply Chain Safety and Security Introducing Model Provenance Kit: Know Where Your AI Models Come From Security Insights: A Threat-First View for the Platform That Enforces Access How I Turned My Curiosity into a Patent From Strategy to Architecture: How Cisco is Building a Quantum-Safe Future Maximizing Managed Security Services: A Strategic Guide to Optimizing Your Portfolio (Part 1 of 2) Simplify access control in five easy steps Trust: Why security is your next growth engine Cisco IQ is generally available. Here’s what that actually means. From Vision to Reality: Intelligence in Action with Cisco IQ How connectivity is shaping the future of surgical care The power of your network: Solving a physical security incident on Vision portal 5 signs your data center is holding your AI strategy back Stop Overthinking OT Security: The Total Cost of Ownership and Being Smart with Refreshes AI-Ready, Simpler, and More Secure WAN: Cisco SD-WAN Innovations Scaling the digital future: Why AI and skills investments matter for business and society Expanding our Product Organization Recap Scaling the Future: Reddit AMA on Network Automation at Scale Bringing Professional-Level Skills to Cisco Networking Academy Announcing Cisco Availability in Google Cloud Marketplace: A New Path to Scalable, Partner-Led Growth The Innovation Paradox: How We Reduced Incidents by 25% While Deploying Faster Funding the AI-ready data center: Why flexibility wins The switch that quantum networking has been waiting for From a Message I Couldn’t Believe to a Stage I’ll Never Forget The Hidden Bottleneck Slowing Down Manufacturing Transformation 30 Years as a CCIE: Why Certifications Matter in the AI Era Securing Enterprise AI: Cisco AI Defense Expands to Google Cloud How ThousandEyes Closed the Cloud Visibility Gap by Solving It Themselves First Energy Will Define the Scale of AI Introducing the AI Agent Security Scanner for IDEs: Verify Your Agents Stop Overthinking OT Security: People, Process and Technology Powering the Future of Research: Join Cisco at NLIT 2026 Building the Digital Foundation for a Smarter West Lincoln Memorial Hospital How Cisco built an AI-RRM that maximizes your wireless solution From Automation to Autonomy: Cisco and Rockwell Power a New Era for Manufacturing Unlocking the Future of Fan Engagement: The Power of VisionEDGE Find Yourself in the Future: AI Is the New Baseline—Here’s How to Build Your Skills One Day with Our Customers: Driving better outcomes through customer centricity What It Really Takes to Build an AI-First Workforce From Connectivity to Security: How E80 Future-proofed its AGV Operations with Cisco The Infrastructure of a Floating City: AIDA Cruises’ CX-Led Digital Transformation Scaling your network for AI without a forklift upgrade Why modern networks are moving DDoS defense to the edge Evolve IP Media to AI-Driven Media Fabrics: Future-Proof Broadcast with Cisco and NVIDIA Cisco and Generation are scaling AI-powered pathways to employment Reading Between the Pixels: Assessing Prompt Injection Attack Success in Images Lean IT, future-ready: Why Wi-Fi is your AI growth strategy Cisco Modeling Labs: Bringing the Network Digital Twin to Life AI on the Factory Floor: Why Manufacturing Requires a New Architecture with Cisco Unified Edge Designing for What’s Next: Securing AI-Scale Infrastructure Without Compromise Scaling the Future: Join Our Reddit AMA on Network Automation at Scale 5 wireless trends retail IT teams can’t ignore in 2026 Can your infrastructure management tools do that? Sustainability 101: Let’s talk about energy efficiency From Chai Breaks to Checkpoints: A Day at Cisco Bengaluru Preparing for Post-Quantum Cryptography: The Secure Firewall Roadmap Non-Obvious Patterns in Building Enterprise AI Assistants Making AI Trustworthy and Observable in Real-Time: Cisco Announces Intent to Acquire Galileo A simpler path to unified, AI-ready network operations Cisco Celebrates The Smart Industry Industrial Transformation Award Winners Mobile World Congress 2026: AI-powered Network Security Powering MWC Barcelona – Building a Unified SOC and NOC with Splunk in Record Time How New Data Streams Transformed Cisco Store’s Decision-Making AI-powered Network Security at the Mobile World Congress 2026 SNOC Inside the Mobile World Congress 2026 SOC: Detecting Shadow Traffic with Firepower 6100
Protecting Agents with Cisco AI Defense and Google Agent Development Kit
Siddhant Das · 2026-05-12 · via Cisco Blogs

Agents are powerful because they do more than answer questions. They call tools, retrieve context, and act across multiple steps. That is what makes frameworks like Google’s Agent Development Kit (ADK) so useful, and it is also what changes the security problem. Cisco AI Defense provides runtime protection for AI agents. With this integration, AI Defense now plugs into Google’s ADK and carries the same runtime controls from local development to Agent Runtime on Gemini Enterprise Agent Platform.

Google’s ADK is used to build tool-using agents. Agent Runtime is the managed runtime to deploy them. This integration makes it easy to keep Cisco AI Defense runtime protection attached in both places.

The security problem changes with agents

The real risk is not just that an agent produces a bad answer. The bigger issue is that untrusted prompt content can influence tool behavior, and tool output can send sensitive data back into the model. Once agents start interacting with external systems, the security question shifts from “What did the model say?” to “What did the agent do, and what data crossed runtime boundaries?” That is where runtime protection matters.

Whether an agent runs locally or on Gemini Enterprise Agent Platform, teams need a way to inspect and enforce policy across the full execution path—not just at the first model call. They need visibility into what crosses those boundaries and a mechanism to decide whether a run should continue, be observed, or be stopped.

Cisco AI Defense adds security without disrupting the developer flow

The Cisco AI Defense integration for Google’s ADK is designed to add runtime security controls without forcing developers to rebuild their application around a separate security workflow. Instead of creating a parallel control plane, it plugs into the ADK lifecycle developers are already using.

Start with two lines of code

For a local ADK agent, the fastest path is intentionally small:

from aidefense_google_adk import defend
agent = defend(agent, mode="enforce")

That is the simplest agent-level integration. You keep the ADK agent structure you already have and attach policy enforcement directly to it.

Deploy the same protected agent to Agent Runtime

Once the agent is protected, you can use the standard ADK deployment flow to run it on Agent Runtime: 

app = agent_engines.AdkApp(agent=agent)
remote_agent = client.agent_engines.create(
agent=app,
config={
“requirements”: [“google-cloud-aiplatform[agent_engines,adk]>=1.112”], “staging_bucket”: “gs://YOUR-STAGING-BUCKET”,
},
)

The important detail is that protection is attached before deployment. The same protected ADK agent can move from local development into Agent Runtime without requiring a different security pattern.

Why ADK is the right integration point

Google ADK is a strong seam for runtime protection because it already defines clear lifecycle boundaries around model and tool execution. Those boundaries create natural inspection points:

  • Before a model call
  • After a model response
  • Before a tool call
  • After a tool response

These are the moments where agent behavior changes. Untrusted prompt content can shape a tool request. Tool output can leak sensitive data back into the model. Runtime protection is most effective when it sits at those transitions instead of being scattered across prompts and custom wrappers.

Two ways to attach protection in ADK


There are two main integration patterns depending on whether you want shared app-wide controls or agent-specific protection.

1) App-level plugin

Use the plugin path when you want shared protection across the ADK app runtime.

plugin = defend(mode="enforce")
app = App(name="my_app", root_agent=agent, plugins=[plugin])

2) Agent-level callbacks

Use callbacks when you want protection attached directly to a specific agent.

from aidefense_google_adk import make_aidefense_callbackscbs = make_aidefense_callbacks(mode="enforce")
cbs.apply_to(agent)

Use the plugin for app-wide controls; use callbacks when you want agent-specific protection.

Monitor vs. enforce

This distinction usually matters most to both developers and platform teams.


For example, a sensitive data request might be observed in monitor mode and then blocked in enforce mode at tool_response, because that is the point where the violation becomes visible. That difference matters. Monitor helps teams understand risk in a live workflow. Enforce turns the same decision point into a runtime control.

What a block decision looks like

This is what makes enforcement auditable for developers and security teams. Decision: block

  • Stage: tool_response
  • Classification: PRIVACY_VIOLATION
  • Rule: PII

In simple terms, this means the request was allowed to proceed until the tool returned sensitive data, and the runtime blocked the flow at the point where the violation became visible. For developers, this is especially useful because it explains not just that a run was stopped, but where the unsafe behavior surfaced.

From local ADK to Agent Runtime on Gemini Enterprise Agent Platform

One of the most practical benefits of this integration is that the same ADK application model works across two environments:

  • Local ADK runs for fast development and iteration
  • Hosted Agent Runtime runs for managed deployment

That does not mean every runtime surface looks identical all the time. Hosted evidence should still be treated as request-correlated data tied to a specific invocation, with logs used as supporting context. But the same policy model follows the agent from local development into the hosted runtime. Teams do not need one security pattern for local testing and another for deployment. The same runtime controls travel with the agent.

Built on the official Google’s ADK path

This integration uses the extension points that Google’s ADK already provides instead of asking developers to work around the framework. That matters for two reasons:

  • It keeps the application readable.
  • It makes the security layer easier to adopt in normal ADK workflows.

For teams evaluating platform fit, that can matter as much as the policy outcome itself. Security should feel like part of the framework lifecycle—not a parallel workflow bolted onto the side.

Why this integration matters

Google’s ADK and Gemini Enterprise Agent Platform make it easier to move from prototype to hosted agent runtime quickly. That is good for development speed, but it also means agent behavior can reach real systems faster. If runtime protection is too disruptive, teams will delay it. If it fits naturally into the ADK model, lets teams start in monitor mode, and provides a clear path to enforce, it becomes much easier to keep security turned on as the agent matures.

Final thoughts

The value of this integration comes down to a simple combination:

  • A small ADK integration surface
  • Live proof in both local ADK and hosted Agent Runtime
  • Clear runtime decisions in monitor and enforce modes
  • Deployment flexibility: teams can route calls either directly to Cisco AI Defense or through Google Cloud’s Agent Gateway, depending on how they want to operationalize enforcement

That combination turns agent protection from an abstract requirement into something developers can evaluate quickly and adopt with confidence.

Get started with Cisco AI Defense on Google ADK and Vertex Agent Engine

  • The fastest way to see the value is to run the same agent workflow in Monitor and Enforce and compare what AI Defense does at runtime: what it flags, what it blocks, and the “blocked and why” decision trace.
  • Start here (live demo runner):
  • If you want to run it yourself end-to-end, use the official Google ADK path and compare local vs hosted behavior with AI Defense enabled:
    • Google ADK + Vertex quickstart
    • Local Google ADK demo
    • Hosted Vertex AI Agent Engine demo
  • To get access to an AI Defense evaluation (including API key), request a demo here: cs.co/aidefensedemo

Get started with Cisco AI Defense on Google’s ADK and Agent Runtime

Why this matters

Google’s ADK is the framework for building tool-using agents and Agent Runtime is the managed runtime to deploy them. Cisco AI Defense Runtime Protection is designed to follow that same path, so the same runtime policy enforcement applies in local development and in hosted execution on Agent Runtime.

Google ADK demo