Cisco Systems launches open source DefenseClaw to secure AI agents with real-time scanning and control, strengthening enterprise AI governance.
Cisco Systems has introduced DefenseClaw, an open-source tool designed to scan AI agents for vulnerabilities, marking a significant expansion of its open-source AI security stack. Built on OpenShell within the OpenClaw ecosystem, the tool enables rapid deployment in about five minutes while continuously tracking vulnerabilities across evolving systems.
DefenseClaw secures AI agents interacting with MCP tools, plug-ins, and external resources. It offers permission management to block MCP servers instantly, scans AI-generated outputs for malicious code, and integrates telemetry with Splunk. Enforcement actions are executed within two seconds without requiring agent restarts.
The launch coincides with new AI security capabilities unveiled at the RSAC 2026 Conference, focused on governance and control of AI agents. Organisations can register agents in Duo IAM, define granular access policies, restrict operations by time windows, and regulate interactions with enterprise tools.
“Cisco continuously evaluates agent interactions across APIs, MCP servers, and enterprise systems to detect abnormal behavior or manipulated instructions,” said Raj Chopra, senior vice president and chief product officer of Cisco’s security business group. “By analyzing intent, the platform can identify risks like unauthorized tool usage, policy violations, and attempts to access sensitive data.”
Enhancements to Splunk include detection engineering tools, automated asset mapping, and AI agents for breach remediation.
“When you block a skill, its sandbox permissions are revoked, its files are quarantined, and the agent gets an error if it tries to invoke it,” said DJ Sampath, senior vice president of Cisco’s AI and software platform business. “When you block an MCP server, the endpoint is removed from the sandbox network allow-list and OpenShell denies all connections.”
Cisco also introduced the LLM Security Leaderboard and AI Defense: Explorer Edition to further strengthen AI workload security.