Cisco DefenseClaw: Revolutionizing Agent-Based AI Security
Le brief IA que les pros lisent chaque soir
Les 7 actus IA du jour, décryptées en 5 min. Gratuit.
Inclus dès l'inscription : notre sélection des meilleurs guides & comparatifs IA.
Choisis ton rythme
Gratuit · Pas de spam · Désabonnement en 1 clic
Cisco recently made a major announcement in the field of agent-based AI security with the launch of DefenseClaw. This tool aims to fill a critical gap in the supervision of autonomous agents, which are increasingly used for tasks such as email monitoring or flight booking. While these technologies hold promise, they also pose significant security risks. Cisco is positioning itself in a competitive sector where many companies are looking to offer supervision solutions for agent-based AI.
Agent-based artificial intelligence has quickly captured the public's imagination, but it is also associated with considerable security risks. Enterprise software providers are seeking to support beneficial agents while blocking those that could be harmful. It is in this context that Cisco Systems unveiled DefenseClaw, a tool that aims to be the missing "operational layer" for agent security. According to DJ Sampath, head of AI software at Cisco, DefenseClaw is designed to "keep a governed claw." He stated in a blog post that this tool allows users to go from "zero to governed claw in under five minutes." DefenseClaw will be available on GitHub starting March 27.
Governing the Claws
The announcement of DefenseClaw was made at the annual RSA security conference in San Francisco. Cisco highlighted that only 5% of agent-based AI in enterprises has successfully passed production tests, according to a survey conducted among large enterprise clients. DJ Sampath noted that OpenClaw, an open-source agent-based AI framework, is becoming an essential tool for tech enthusiasts. OpenAI has hired Peter Steinberger, the creator of OpenClaw, while Nvidia has developed its own version of the framework, NemoClaw. Sampath shared a personal anecdote, explaining how he and his wife use OpenClaw to organize their children's schedules, illustrating how quickly these tools are developing in an ungoverned manner.
The underlying message of Sampath's blog is clear: the "claws" are already present, and it is time to address them securely. In a related development, Meta, the owner of Facebook, Instagram, and WhatsApp, has acquired the social bot platform Moltbook, which has demonstrated the advantages and disadvantages of using OpenClaw to its full potential.
DefenseClaw is designed to integrate with various tools, such as OpenShell, the recently unveiled code sandbox software from Nvidia at its GTC conference. Cisco also mentioned the importance of its own scanning tools. Sampath posed crucial questions: "Who manages the blocklists? Who receives alerts when something goes wrong at 2 AM?" The answer is DefenseClaw.
Three Main Functions of DefenseClaw
According to Sampath, DefenseClaw serves three essential functions. First, it scans every piece of code before execution. "Every skill, every tool, every plugin, before being allowed into your claw environment, and every piece of code generated by the claw is scanned." This scanning operation consists of several individual tools, such as Cisco's open-source skill scanning tool.
Second, the tool detects threats by scanning all incoming and outgoing messages from the agent in real-time. Third, DefenseClaw automatically blocks a "skill," such as an email server account, by removing those permissions from the sandbox. The sandbox, in this case, can be Nvidia's OpenShell. Sampath emphasized that automatic prevention of operations "is not a suggestion; these are walls."
Sampath provided an example of running the tool from the command line to first scan an installation operation for OpenClaw:
defenseclaw skill install community/jira-triage
With such a request, DefenseClaw "will first scan, check your block/allow lists, generate a manifest, and only then install. Nothing bypasses the admission gate."
Cisco uses its log analysis tool Splunk as a reference monitoring system for all claws, Sampath stated. "Every claw is born observable," he wrote, "All direct to Splunk as structured events as soon as your claw is online."
In fact, Cisco announced several additional extensions for Splunk aimed at making the tool more like an automated security operations center (SOC). For example, a Guided Response Agent, which will be in alpha version "soon," Cisco stated, "will help SOC teams move from detection hypothesis to production in minutes with accuracy—allowing teams to quickly import, adjust, and tag detections."
A Multifaceted Toolset
DefenseClaw is one of many elements in a security toolset for agent-based AI that Cisco announced on Monday. Other components include enhancements to Cisco Secure Access to enforce agent identity verification and access control, as well as to apply zero-trust procedures to every agent created.
Cisco claimed it is going beyond simple code scanning with the introduction of tools to simulate potential risks, that is, simulating real threats. A new offering, Cisco AI Defense: Explorer Edition, "will conduct multi-turn adversarial testing for the models and applications that power agent workflows," and will examine the AI models themselves to "validate resistance to prompt injection, jailbreaks, and other unsafe outputs."
Cisco is also offering an agent execution SDK that it claims will "integrate policy enforcement" into the code as it is developed.
A Competitive Market
Cisco is being praised for its clever branding with DefenseClaw in what is set to become a highly competitive market. Virtually all enterprise vendors are committed to securing, authenticating, and potentially blocking agents in production.
This includes traditional cybersecurity companies managing zero trust, such as Palo Alto Networks and Zscaler; DevOps companies handling code scanning, like JFrog and GitLab; and observability companies offering tools for code supervision both at development time and runtime, such as Dynatrace and Datadog.
And then there are Anthropic, OpenAI, and Google, all of which offer tools for code scanning and related tasks.
It remains to be seen whether Cisco's control over enterprise networks—holding a dominant share in campus and wide-area routing and switching—will give the company an edge against these many other offerings. It is also unclear whether companies will fully delegate the issue to their security teams or simply push developers to be more cautious with their code from the outset.
Some companies might simply throw up their hands and completely ban "claws."
Brief IA — L'actualité IA en français
L'essentiel de l'actualité de l'intelligence artificielle, décrypté et expliqué chaque jour.