Overview
- Cisco announced a Zero Trust extension for AI agents that adds discovery, access control, and real‑time protection, with features still in development and customer onboarding planned over the coming months.
- Agent visibility starts with a directory that discovers and registers agents and tool servers, ties each agent to a human owner, and plugs into enterprise identity systems for consistent authentication and lifecycle control.
- Access is constrained to least privilege using fine‑grained, time‑bound credentials, with an authorization gateway applying the same policies across tools so enforcement focuses on what an agent is allowed to do, not just where it can connect.
- Runtime monitoring inspects intent and actions across APIs and tool brokers to spot abnormal behavior, blocking things like prompts that trick an agent, use of the wrong tool, or attempts to reach sensitive data.
- Cisco’s survey reports 85% of organizations are trying agentic AI but only 5% run it broadly in production, with nearly 60% citing security as the main blocker, 29% ranking agent security a top‑three priority, ownership split across CISO, CIO, and AI committees, and successful use concentrated in internal IT, SecOps, finance, and R&D.