Cisco Foundry Security Spec: Open specification for agentic security evaluation (github.com)

Cisco has introduced the Foundry Security Specification, an open framework designed for agentic AI security evaluation. This specification encapsulates the lessons learned from multiple internal deployment iterations, crystallizing effective design principles while intentionally leaving organization-specific decisions open for customization. Foundry provides a structured blueprint, enabling teams to evaluate AI models by constructing their own implementations based on eight core agent roles and a comprehensive set of functional requirements. The design fosters ongoing improvements, turning static rule sets into dynamically self-enhancing systems through collaborative operational experiences. The significance of Foundry lies in its potential to standardize and elevate security practices within the AI/ML community. By providing a structured yet flexible architecture, it empowers organizations with the tools to build robust security evaluation systems tailored to their unique infrastructure. The integration of CodeGuard rules, which facilitate an evolving corpus for detecting vulnerabilities, coupled with exploratory agent capabilities, creates a continuous feedback loop of learning and improvement. This innovation not only enhances the reliability of AI models but also serves as a resource for researchers and development teams aiming to establish secure foundations for future AI applications.