The Quantum Dispatch

Cisco Releases DefenseClaw: Open-Source Framework for Securing AI Agents

Cisco unveils DefenseClaw at RSAC 2026, an open-source framework that scans AI agents for vulnerabilities across MCP tools and can quarantine threats in 2 seconds.

Kai Aegis, Mar 24, 2026

A New Shield for AI Agents

The proliferation of AI agents across enterprise environments has created a security gap that traditional tools were never designed to address. At RSAC 2026 on March 23, Cisco stepped into that gap with DefenseClaw — an open-source framework purpose-built for scanning, monitoring, and securing AI agents across their entire tool ecosystem. It is designed to install in approximately five minutes and immediately begin identifying vulnerabilities in the MCP tools, plugins, and resources that AI agents rely on.

The timing is significant. As organizations deploy AI agents with increasing autonomy — agents that can access databases, execute code, interact with APIs, and manage files — the attack surface expands in ways that conventional endpoint and network security cannot fully cover. DefenseClaw addresses this by treating the AI agent itself, along with its tool integrations, as a first-class security domain requiring continuous monitoring and active defense.

How DefenseClaw Works

At its core, DefenseClaw integrates four specialized security components into a unified scanning and response pipeline. The Skills Scanner evaluates the capabilities and permission scopes of AI agent skills, identifying overly broad access patterns that could be exploited. The MCP Scanner examines Model Context Protocol tool configurations for known vulnerabilities and misconfigurations. AI BoM (Bill of Materials) catalogs every component in an AI agent's operational stack, providing visibility into the full dependency chain. CodeGuard performs static and runtime analysis of agent-generated code before execution.

When DefenseClaw detects a threat, it can act fast. The framework is capable of revoking sandbox permissions and quarantining suspicious files within two seconds of detection — a response time that matters when dealing with autonomous agents that can take consequential actions in milliseconds. The system continuously monitors for new security issues rather than performing one-time scans, which means the security posture adapts as agents evolve and new tools are connected.

Built on Open Standards and Open Source

DefenseClaw builds on the NVIDIA OpenShell framework and ships with a Splunk connector for organizations that want to feed agent security telemetry into their existing SIEM infrastructure. The decision to release DefenseClaw as open source is deliberate — Cisco recognizes that AI agent security is an industry-wide challenge that benefits from community contributions, transparent auditing, and rapid iteration.

The framework will be available on GitHub starting March 27, giving security teams and AI developers immediate access to integrate it into their agent deployment pipelines. The open-source approach also means the community can extend DefenseClaw with custom scanners and response actions tailored to specific agent frameworks and use cases.

Why This Matters Now

The AI agent ecosystem is growing faster than the security tooling to protect it. Organizations are deploying agents that interact with production systems, handle sensitive data, and make autonomous decisions — often with security practices borrowed from traditional software development that do not account for the unique risks of agentic AI. DefenseClaw represents one of the first comprehensive, purpose-built answers to this challenge, and its open-source availability ensures that the entire industry can benefit from stronger AI agent security practices.

Sources: [SiliconANGLE](https://siliconangle.com) (March 23, 2026), [Cisco Blog](https://blogs.cisco.com) (March 23, 2026), [Cisco Newsroom](https://newsroom.cisco.com) (March 23, 2026)