Reports
AI-generated structured vendor updates
Cisco AI Defense Policy Studio: Meta-Prompting Unwritten Policy into Auditable Guardrails
Cisco introduces AI Defense Policy Studio, an AI assistant that guides policy owners through authoring custom guardrails via a chat-and-review UI. It uses meta-prompting to translate informal guidance into human- and model-readable policy documents, directly deployable to Cisco AI Defense for runtime enforcement across models and applications.
Cloudflare as Customer Zero: Layered Defense Architecture Against Frontier AI Threats
Cloudflare reveals its production defense architecture against frontier AI models, using itself as customer zero. It combines WAF Attack Score, API Shield, Bot Management, Zero Trust, and MCP Server Portal. Core insight: the architecture around the vulnerability matters more than patch speed, using ML scoring and positive security models to block attack variants before they hit, and to contain lateral movement after a breach.
Cloudflare AI Gateway Adds Identity-Driven Budgets, Seizing AI Traffic Control
Cloudflare launches spend limits and identity-driven budgets (closed beta) in AI Gateway, integrating with Cloudflare Access. It enables per-user, per-team dollar budgets with fallback routing, shifting AI cost governance from model providers to the gateway control plane.
Cisco AI Defense + AppOmni Extends Runtime Guardrails to SaaS AI Agents
Cisco integrates AI Defense with AppOmni, using AgentGuard as a real-time intercept layer inside SaaS environments. Custom guardrails now apply to Microsoft 365 Copilot, ServiceNow Now Assist, and other SaaS agents, monitoring MCP, chat, and agent-to-agent channels to block prompt injection, tool exploitation, and data exfiltration with a unified policy engine.
Cisco Agent Gateway: Zero Trust Evolves from Access to Action Control for AI Agents
Cisco launches Agent Gateway for Secure Access, extending Zero Trust from access control to action-level control for AI agents. Using Duo for agent identity, it enforces policies across LLMs, MCP servers, and SaaS APIs, with server-side credential injection and unified audit—addressing the unique security challenges of autonomous agent workflows.
Cisco Shifts AI Network Control from K8s Black Box to Unified Fabric via Isovalent and VXLAN ESG
Cisco integrates Isovalent's eBPF into Nexus One for pod-to-fabric visibility and introduces VXLAN ESG-based AI job segmentation, embedding security and multi-tenancy into the network fabric. This targets the Kubernetes 'black box' bottleneck in AI inference, unifying control and troubleshooting.
Cisco AI Defense Update: Agent Supply Chain Security as Platform Lock-In
Cisco updates AI Defense for agent security with adaptive red teaming, Policy Studio, and automated agent dependency graph scanning. It claims platform-agnostic protection across AWS Bedrock, Google ADK, and LangChain, but ties deeply into Cisco Secure AI Factory with NVIDIA, raising concerns about lock-in and runtime overhead.
NVIDIA BlueField DPU In-Silicon Security Shifts AI Factory Control from Software to Hardware
NVIDIA unveils the DOCA security stack (Argus, Vault, Flow) on the BlueField-4 DPU, enabling hardware-isolated runtime threat detection via zero-copy memory analysis, zero-trust file access, and 800 Gb/s network enforcement. This shifts security control from the host OS to DPU silicon, delivering distributed full-stack protection without compromising AI throughput, but is deeply tied to the Vera Rubin platform, creating ecosystem lock-in.
Google Antigravity Control Plane Redefines AI Development, Locks Agent Orchestration
At I/O 2026, Google launched the Antigravity 2.0 desktop app and a CLI/SDK as a unified agent control plane, alongside Gemini 3.5 Flash/Omni models, a Managed Agents API, and native Android support in AI Studio. This aims to streamline AI development from prototype to production, but effectively locks developers into Google's ecosystem and cloud services.
Cisco Replaces Human Annotators with LLM Constitutional Definitions for AI Safety Consistency
Cisco introduces Single-Source Safety Definitions, replacing human annotators with LLMs that re-read 300+ line constitutional documents per classification. This AI-first approach achieves a 57x reduction in inter-model disagreement, adds intent/content dual-axis scoring, and becomes the default safety taxonomy for Cisco AI Defense, shifting control from humans to machine-readable specifications.
Microsoft Partners with US and UK Government AI Security Institutes to Advance Frontier Model Evaluation
Microsoft announced new agreements with the US Center for AI Standards and Innovation and the UK AI Security Institute to collaboratively test its frontier models, assess safeguards, and advance the science of AI evaluation, including adversarial assessments and high-risk capability evaluation. This aims to address national and public safety risks through government-industry collaboration.
Cisco Provides AI Defense Proactive Testing Platform via DevNet Lab
Cisco released a hands-on DevNet lab for its AI Defense Explorer Edition, enabling developers to conduct agent-driven red teaming on AI models and applications in a self-service manner. The tool uses natural language to define attack objectives and simulates multi-turn adaptive attacks, aiming to shift security testing left in the development lifecycle.
Cisco Acquires Astrix Security to Strengthen Non-Human Identity and AI Agent Security Control Plane
Cisco announces its intent to acquire Astrix Security, a Non-Human Identity (NHI) security specialist. The goal is to integrate AI agent and credential (API keys, service accounts) security management deeply into Cisco's Identity Intelligence platform and Zero Trust Access solutions. This move signals a shift in the security control plane from traditional human-machine interactions towards securing automated AI agent workloads, addressing the new attack surface created by AI agents abusing credentials.
In-depth Analysis of CISA Agentic AI Security Guidelines
CISA released the world's first Agentic AI security deployment guidelines on May 1, 2026, marking a critical transition from theoretical discussions to mandatory compliance requirements.
Microsoft Publishes Cybersecurity Responsibility Framework for AI Era, Emphasizing Public-Private Collaboration and Modernized Vulnerability Management
Microsoft published a framework on securing the global digital ecosystem with next-generation AI, arguing that as AI accelerates vulnerability discovery, response and remediation must keep pace. The document outlines five recommendations, emphasizing public-private collaboration, responsible release of AI capabilities, and modernizing vulnerability management processes.
Cisco Publishes Model Provenance Constitution, Defining Weight-Level Derivation Standards
Cisco published the 'Model Provenance Constitution' to provide a normative definition for AI model supply chain safety. The standard strictly hinges on the verifiable derivation history of model weights, clearly delineating five types of provenance links (e.g., direct descent, distillation) and eight exclusions (e.g., independent reproduction), aiming to resolve industry inconsistencies in model provenance definitions.
Cisco Open Sources Model Provenance Kit, Targeting AI Supply Chain Security Governance
Cisco released the open-source Model Provenance Kit, which uses a tiered strategy to analyze model metadata, tokenizer structure, and weight-level signals to generate unique fingerprints and verify the lineage and integrity of AI models. This aims to address risks of tampering, forgery, and compliance in the AI model supply chain.
Cisco SD-WAN Updates: AI App Classification, AI Assistant, and Neocloud Connectivity
Cisco's SD-WAN 26.1.1 release focuses on AI-readiness. Key innovations include automatic AI application identification and classification, a generative AI assistant for operations, and integration with Megaport AI Exchange for connecting to distributed GPU and neocloud environments. The goal is to optimize AI traffic performance and security while simplifying network operations.
Cisco Extends AI Defense to Google Cloud for Multi-Cloud Runtime Protection
Cisco has extended its AI Defense security platform to Google Cloud, offering runtime protection for AI models, agentic workflows, and RAG pipelines. This move completes its coverage of the three major public clouds (AWS, Azure, Google), aiming to provide a unified multi-cloud AI security framework for enterprises.
Cisco Launches AI Agent Security Scanner, Shifting Security Control Point to IDEs
Cisco has launched an AI Agent Security Scanner IDE extension designed to identify and mitigate new attack surfaces in the AI development toolchain. The tool provides local, multi-layered protection by statically scanning MCP server configurations and agent skill definitions, embedding secure coding rules during code generation, and continuously monitoring file integrity at runtime.