Cisco Foundry Security Spec: Open specification for agentic security evaluation
Cisco has introduced an open specification for agentic AI security evaluation called Foundry. This specification is based on extensive internal experience and aims to provide a flexible architecture for organizations to build their own implementations. It emphasizes the importance of design decisions and offers a framework for continuous improvement in security evaluations.
- ▪Foundry Security Spec is an open specification developed by Cisco's Advanced Security Initiatives Group.
- ▪The specification includes core agent roles, governance requirements, and functional requirements with rationale.
- ▪Foundry is designed to be infrastructure-neutral, allowing organizations to implement their own systems based on the provided blueprint.
Opening excerpt (first ~120 words) tap to expand
Foundry Security Spec An open specification for agentic AI security evaluation, from Cisco. Cisco's Advanced Security Initiatives Group has built and operated an agentic security evaluation internally across several iterations and deployment models, and along the way accumulated a long list of design decisions that turned out to matter and a longer list that turned out not to. Foundry distills that experience into a single, organization-neutral specification. It is the design that, across those iterations, consistently proved most effective. It is not our code. It is the shape of a system that works, with every lesson we learned written down as a requirement and every place where the right answer depends on your infrastructure left as an explicit open question.
…
Excerpt limited to ~120 words for fair-use compliance. The full article is at GitHub.