3 ways Cisco's DefenseClaw aims to make agentic AI safer
Cisco's new open-source tool aims to govern the runaway adoption of AI agents like OpenClaw.
Cisco Systems has launched DefenseClaw, an open-source security orchestration layer designed to bring governance to the rapidly expanding but risky world of agentic AI. Announced at the RSA Conference, the tool directly addresses the security concerns that have stalled enterprise adoption; Cisco says that only 5% of agentic AI projects have moved from testing to production. DefenseClaw is built to secure popular frameworks like the viral OpenClaw—whose creator was hired by OpenAI—and Nvidia's NemoClaw, providing the critical oversight layer Cisco says has been missing as these 'claws' become personal and enterprise butlers.
DefenseClaw operates by performing three core security functions. First, it scans every piece of code—skills, tools, plugins—before execution within an agent environment. Second, it monitors and detects threats by scanning all messages entering and leaving an agent at runtime. Third, it can automatically block unauthorized agent operations, such as accessing an email server, by removing permissions from the sandbox environment, which could be Nvidia's OpenShell. Cisco's DJ Sampath emphasized these are enforced 'walls,' not suggestions. The tool, which will be available on GitHub, uses Cisco's own scanning tools and Splunk for log analysis to manage block lists and alerts, aiming to provide a governed environment for AI agents in under five minutes.
- Automatically scans all agent code (skills, tools, plugins) before execution and scans all messages entering and leaving an agent at runtime for threats.
- Enforces automatic blocking of unauthorized agent 'skills' with permission removal in sandboxes like Nvidia's OpenShell.
- Targets the 95% adoption gap by providing the missing security layer for frameworks like OpenClaw and NemoClaw.
Why It Matters
Provides the critical security orchestration needed for enterprises to safely deploy autonomous AI agents from testing into production.