Cisco has announced significant security innovations designed for the agentic AI ecosystem, where software no longer just answers questions—it acts. At RSA Conference 2026, Cisco is introducing solutions to address AI security issues and remove a top barrier to agent adoption.
By establishing trusted identities, enforcing strict Zero Trust Access controls, hardening agents before deployment, enforcing guardrails at runtime, and giving security operations center (SOC) teams the tools to stop threats at machine speed, Cisco is building security into the foundation of the emerging AI economy.
“AI agents aren’t just making existing work faster; they’re a new workforce of co-workers that dramatically expand what organizations can accomplish,” said Jeetu Patel, President and Chief Product Officer at Cisco. “Projects shelved for lack of resources are now within reach. The only limit is imagination, and security teams are the key to unlocking this opportunity by making the agentic workforce safe enough to trust.”
In a recent Cisco survey of major enterprise customers, 85% reported experimenting with AI agents, but just 5% had moved agentic technology into production.
To unleash the vast potential of AI agents, Cisco is addressing three key pillars to securing the agentic workforce. First: Protecting the world from agents, ensuring they can only act as intended. Second: Protecting agents from the world, ensuring they can’t be manipulated or corrupted. Third: Detecting and responding to AI incidents at machine speed and scale.
Protect the world from agents: Establish trust before agents go to work
Like new employees, AI agents need onboarding to establish their identity, understand their function, and map them to an accountable human manager. Yet today, most enterprises are unaware of which agents are running, let alone who is responsible if something goes wrong. Existing SSE tools weren’t built to enforce time-bound access for agentic workload identities, nor can they understand context behind agent requests.
According to the 2025 Cisco Talos Year in Review release today, attackers overwhelmingly targeted a subset of components that directly authenticate users, enforce access decisions, or broker trust between systems. Adversaries’ focus on identity will only accelerate with the rise of agentic workloads.
To address these challenges, today Cisco is extending Zero Trust Access to AI agents, holding them accountable to a human employee and securing agentic actions. New Duo IAM capabilities integrate with novel MCP policy enforcement and intent-aware monitoring in Cisco Secure Access to enforce strict access control, uniquely helping organizations gain full visibility and governance over their agentic workforce. These capabilities include:
Agent Identity Management: Customers can register agents in Duo IAM and map them to accountable human owners, ensuring every agent has a verified identity and enabling traceability of actions.
Agent and Tool Visibility: Cisco Identity Intelligence discovers agentic and non-human identities to help organizations understand existing AI usage.
Strict Access Control: Agents are assigned fine-grained permissions only for the specific tasks they perform or resources they need for a short duration, with all tool traffic routed through an MCP gateway to eliminate blind spots.
“Organizations are eager to embrace AI, but they need to do so without creating security coverage gaps. Cisco’s Zero Trust Access for AI agents gives visibility into agentic identities and restricts access to exactly what’s needed,” said Jeremy Nelson, CISO North America, Insight. “We’re excited to bring these capabilities to customers to secure their data while scaling their AI initiatives.”
“In this dynamic agentic tech environment, strict access control for AI agents is critical but challenging to enforce consistently with legacy tools designed for human users. This creates uneven enforcement and blind spots, leading to gaps that agents in an agentic world will inevitably exploit,” said Fernando Montenegro, Vice President & Practice Lead, Cybersecurity & Resilience, Futurum. “Cisco’s platform approach is well-positioned to address these challenges by modernizing tooling to ensure consistent, adaptive security for AI agents.”
Protect agents from the world: AI Defense safeguards the agentic workforce
As businesses race to deploy AI agents across increasingly complex and distributed environments, Cisco is expanding AI Defense with powerful new tools that help organizations test, trust, and secure their AI agents and the interactions between them.
Traditional scanning tools cannot simulate the real-world threats agents encounter, which are marked by longer conversations and access to tools and resources.
To empower more organizations to meet this challenge head-on, Cisco is democratizing the industry-leading capabilities of AI Defense by launching Cisco AI Defense: Explorer Edition. This new self-service solution is built on the same core AI Defense Validation engine trusted by Global 2000 customers. After signing up, users can begin red teaming the AI models and applications that will be deployed into agentic workflows to uncover susceptibility to attacks and measure risk posture before deployment. This toolkit enables AI developers, AppSec teams, and security researchers to build and secure AI agents.
