RSAC 2026: Everyone trying to secure AI agents, various 'claws'
Cisco expanded its security offerings for AI agents including DefenseClaw, an automated open-source agent security framework built on Nvidia's OpenShell.
DefenseClaw was a headliner for a series of new agentic AI security efforts from Cisco. DefenseClaw brings together open source tools to ensure that every agent skill is scanned and sandboxed, that MCP servers are verified and that AI assets are inventoried.
Cisco added zero trust access to agents with discovery and identity tools in Cisco Identity Intelligence, Identity and Access Management in Duo and Model Context Protocol (MCP) policy enforcement.
Cisco also launched Cisco AI Defense: Explorer Edition, which is a self-service developer tool to build and secure AI agents. Cisco AI Defense: Explorer Edition includes red teaming for agentic workflows, model testing, AI security insights and collaboration tools. Cisco also launched an Agent Runtime Software Development Kit that will embed policy enforcement into frameworks from AWS (Bedrock and AgentCore), Google Cloud's Vertex Agent Builder and Microsoft Azure's AI Foundry.
DJ Sampath, SVP of AI Software and Platform at Cisco, said DefenseClaw will be available March 27 on GitHub. Sampath said he has a DGX Spark in his house running OpenClaw and it has been a productivity booster, but also a security risk. Nvidia's NemoClaw filled in one part of the OpenClaw equation for enterprises and DefenseClaw is aimed at securing it.
Cisco wasn't the only big vendor announcing AI agent security efforts. Microsoft outlined AI security dashboards, shadow AI detection and multiple tools that ride along with Agent 365, which will be available May 1.
Other announcements tied to RSAC 2026 include:
- CrowdStrike announced new tools for its Falcon platform focused on endpoint protection for AI agents. CrowdStrike added EDR AI Runtime Protection, Shadow AI Discovery for Endpoint and AIDR for Endpoint. The new tools are aimed at discovering AI applications, agents, LLM runtimes and MCP servers and securing
- SentinelOne added Prompt AI Agent Security and Prompt AI Red Teaming to prevent OpenClaw-ish security issues. The company also said its Purple AI Auto Investigation is now generally available. SentinelOne also added that it has integrated technology from Observo AI into its Singularity AI SIEM platform.
- Rubrik announced its Semantic AI Governance Engine (SAGE) aimed at AI agent security. SAGE powers the Rubrik Agent Cloud, which governs and secures AI agents. SAGE includes semantic policy interpretation in natural language, a proprietary small language model, adaptive policy improvement and integrated remediation. Rubrik and Microsoft also announced more integration for identity attack response.