Cisco Systems Inc. is rolling out a set of new features designed to help companies secure their artificial intelligence agents.

The product enhancements made their debut today at the RSAC 2026 Conference. The networking giant also released an open-source tool, DefenseClaw, that can scan AI agents for vulnerabilities.

The first batch of new features will help customers regulate how their AI agents interact with tools such as MCP servers. The capabilities, some of which are still in development, will be reportedly be rolled out to several different Cisco products. One of those products is Duo IAM, a tool for managing user access to business applications.

The product enhancements will make it possible to register AI agents in Duo IAM along with information on which employees use them. Once an agent is registered, administrators can define rules that specify which tools it may access. Furthermore, they can regulate how an agent may interact with each tool. For example, a user could specify that an AI application may view the information in a financial database but not modify it.

Agents’ tool access can be limited to specific time frames. A company could specify that agents may only perform a certain task during business hours. That reduces the amount of time hackers have to launch cyberattacks.

“Cisco continuously evaluates agent interactions across APIs, MCP servers, and enterprise systems to detect abnormal behavior or manipulated instructions,” Raj Chopra, senior vice president and chief product officer of Cisco’s security business group, wrote in a blog post. “By analyzing intent, the platform can identify risks like unauthorized tool usage, policy violations, and attempts to access sensitive data.”

Cisco is rolling out a second set of cybersecurity enhancements to Splunk, the observability and cybersecurity platform that it acquired in 2024. One of the main additions is a new tool for developing detections. A detection is a custom code snippet designed to spot a specific type of cybersecurity issue. Cisco says that its new tool eases tasks such as testing newly crafted detections for technical issues.

The update will also ease other aspects of cybersecurity teams’ work. According to Cisco, Splunk can now generate an inventory of all the assets in a corporate network complete with data on how they interact with one another. Additionally, the company has added a half dozen AI agents that automate tasks such as remediating breaches.

Cisco announced the product updates alongside a new open-source project. DefenseClaw, as it’s called, is designed to make AI agents such as OpenClaw more secure. The tool is built atop another open-source OpenClaw security project called OpenShell that Nvidia Corp. released last week.

Cisco says developers can install DefenseClaw in about five minutes. From there, the tool searches for cybersecurity issues across the MCP tools, plug-ins and other technical resources that an AI agent uses to perform tasks. Furthermore, DefenseClaw tracks how those resources change over time to ensure that newly introduced vulnerabilities don’t go unnoticed.

A permission management feature enables administrators to block specific MCP servers. According to Cisco, block rules are applied in two seconds without restarting the affected agents.

“When you block a skill, its sandbox permissions are revoked, its files are quarantined, and the agent gets an error if it tries to invoke it,” DJ Sampath, the senior vice president of Cisco’s AI and software platform business, explained in a blog post. “When you block an MCP server, the endpoint is removed from the sandbox network allow-list and OpenShell denies all connections.”

DefenseClaw also includes other cybersecurity controls. If workers use an AI agent to develop software, the tool can scan its output for malicious code. DefenseClaw sends telemetry about the cybersecurity risks that it finds to Splunk through a prepackaged connector.

Cisco released DefenseClaw alongside two other free cybersecurity tools.

The first, the LLM Security Leaderboard, ranks popular large language models based on how well they can fend off malicious prompts. The second new cybersecurity tool is AI Defense: Explorer Edition. It’s a free version of a Cisco product called AI Defense that companies can use to scan their AI workloads for vulnerabilities.

Photo: Cisco