DefenseClaw Cisco AI security

Security governance for the entire AI agent lifecycle.

Scan skills and MCP servers before admission, inspect prompts and tool calls at runtime, pause risky actions for human approval, and export the evidence to your existing security stack.

Connectors
13
Decision modes
Observe · Action · HITL
Evidence rails
5

Guided example · Synthetic event data

Cursor attempts to send a sensitive file externally

DefenseClaw inspects a pending shell action, correlates two findings, and blocks it before execution.

Deterministic
{  "kind": "enforcement_decision",  "trace_id": "trace-demo-017",  "session_id": "demo-session-017",  "connector": "cursor",  "decision": "block",  "severity": "critical",  "rules": [    "secret.file-read",    "shell.data-egress-pipe"  ],  "executed": false}{  "kind": "enforcement_decision",  "trace_id": "trace-demo-017",  "session_id": "demo-session-017",  "connector": "cursor",  "decision": "block",  "severity": "critical",  "rules": [    "secret.file-read",    "shell.data-egress-pipe"  ],  "executed": false}
DecisionBlock before execution
Reason

shell.data-egress-pipe reached CRITICAL severity

Action

Write a correlated enforcement event

07

Record evidenceThe decision and findings share one traceable audit record.

Step 7 / 7
What DefenseClaw did — and did not do

What it did

  • Inspected the event before execution
  • Correlated rule evidence and applied the active severity mapping
  • Recorded a synthetic enforcement event

What it did not do

  • Execute the displayed command
  • Send data to an external service
  • Offer HITL for a CRITICAL finding

A continuous control plane

One control plane for the agent lifecycle

Admission, runtime, and evidence operate as one sequence instead of three disconnected security products.

01

Before execution

Discover, register, scan, and quarantine capabilities before an agent can load them.

  • AI discovery
  • Skill + MCP scanning
  • Registry admission
02

During execution

Inspect prompts and tool calls at the connector’s strongest available interception point.

  • Runtime rules
  • Policy enforcement
  • Human approval
03

After execution

Correlate each decision with durable evidence and export it to the security stack you already use.

  • Audit history
  • Observability
  • OTLP + Splunk + webhooks

Connector-aware enforcement

Use the strongest control each agent exposes

DefenseClaw normalizes the decision contract while preserving the difference between native ask, downgraded confirm, and pre-execution blocking.

ConnectorPre-execution blockNative askFail closed
Claude CodeYesYesYes
CodexYesNoYes
OpenClawYesYesYes
CursorYesYesYes
HermesYesNoNo
OpenCodeYesNoYes
OmniGentYesYesYes
Compare all 13 connectors

Start with evidence

Put a guardrail around your first agent in five minutes.

No LLM key is required for deterministic runtime rules or static scanner checks.