LAS VEGAS -- With the first of a new class of frontier AI models designed to sniff out vulnerabilities due out in a matter of weeks, Cisco execs issued ominous warnings about a dawning era in cybersecurity -- one they say only agentic AI defenses can handle.
Anthropic Claude Mythos, first revealed in April, is so efficient at rooting out security flaws that its initial preview release was limited to about 50 major organizations, including Cisco, Google, the Linux Foundation and Microsoft. During the first month of that preview phase, Project Glasswing, partners found more than 10,000 high- or critical-severity security flaws in commonly used applications, including more than 1,000 open source projects.
With Project Glasswing expanded to a further 150 Anthropic partners on June 2 and Mythos set to reach general availability in the next few months, the day is quickly approaching when attackers will be able to use it to hunt vulnerabilities as well. In fact, they are already likely scanning many customers' networks with other agentic AI tools, said Liz Centoni, executive vice president and chief customer experience officer at Cisco, during a Cisco Live conference keynote here on June 3.
"Right now, as you're sitting here in this room, there are networks being mapped by AI at machine speed, finding … end-of-life vulnerable devices in minutes," Centoni told the keynote audience. "My job is to make sure that when that happens to your network, you already saw it coming."
Centoni followed the warning with a demonstration of a SaaS tool for streamlining Technical Assistance Center (TAC) interactions, called Cisco IQ, which reached general availability in late April. Among the tool's features is an automated, real time asset inventory that customers can use to find network devices that are about to reach the end of support -- the most vulnerable in corporate networks -- before an attacker does.
Cisco IQ also automatically populates TAC sessions and routes support requests to the right Cisco engineer before a customer engagement begins, speeding troubleshooting. In July, Cisco IQ will add on-premises support, quantum-readiness assessments, peer benchmarking and a resilience assessment service.
"You've always had the map," Centoni said as she concluded her presentation. "Now you have the GPS."
'It was scary good'
Cisco customers have been quick to embrace Cisco IQ -- since it reached general availability five weeks ago, it has been used by more than 2,000 customers, Centoni said. Early adopters have also tested AI agents included in the new Cisco Cloud Control platform for network troubleshooting, with positive results so far.
"It was scary good," said Don Cheney, senior network engineer at Washington Trust Bank, who beta tested the Cloud Control AI assistant's Deep Reasoning mode with some of the bank's Cisco Meraki Wi-Fi devices over the past month. "I used it for anything from, I had a client that was complaining about a connection, all the way to, 'What do I need to do to start deploying Access Manager in Meraki?'"
Deep Reasoning uses agents grounded in networking skills developed by Cisco to conduct diagnostic assessments of complex network issues, validate their reasoning against telemetry data, and recommend specific investigative responses to human operators.
"It wasn't just, 'Here's some Cisco documentation, go read it.' It knew what network I was in inside Meraki, so I didn't have to point it anywhere," Cheney said. "It would paste everything on the screen with literally a step-by-step of 'Here's what I see, here's maybe four steps that you could use to go troubleshoot this and links where you can go inside the Meraki dashboard to look at these things.'"
IT pros: You can't hurry trust
However, AI-guided troubleshooting investigations are one thing -- agentic autonomy, particularly for security functions, is another, Cheney said.
"This is our first big step through the door [with AI]," he said of his networking team. "Trusting AI is definitely something that is going to have to come slow for us."
A separate information security team at the bank handles the company's cybersecurity, and Cheney said he wasn't sure whether that team is considering Cisco's agentic AI security tools. In general, the bank has kept tight restrictions on which AI tools employees can use, Cheney said, due to concerns about sensitive data exposure.
The state of Indiana already uses some AI observability tools for incident resolution, such as Splunk AppDynamics, Secure Application and Cisco ThousandEyes, which has netted a 148% ROI over the last three years, according to Brad Welsh, program manager of the state’s observability program in the Office of the CTO. The state is also evaluating Cloud Control and Splunk's agentic AI security and observability tools, and weighing a move from Elastic to Cisco Data Fabric.
But, like Washington Trust, the state has taken a conservative stance on AI, driven by concerns about protecting sensitive data. So far, it has confined the use of Microsoft Copilot and Anthropic Claude agents to a subset of users at its physical office locations and not allowed AI agents internet access, Welsh said.
"I've always operated with the 'crawl, walk, run' methodology, and we're very much crawling right now," he said.
The state is conducting an extensive request-for-proposals process to update observability and security tooling for the agentic era, but it will take time to evaluate the many market players, including Splunk rivals Dynatrace and Datadog, and shift to an entirely new stack for AI security and observability, Welsh said.
Many of Cisco and Splunk's newest AI observability and security tools were still at an alpha or beta stage when the state's Department of Revenue saw demos and conducted proof-of-concept tests over the past seven months, Welsh said. Some, such as the advanced Splunk SOC agents, still haven't reached general availability.
"One of the very good questions that our CTO asked was, 'When are these feature sets going to be made available?', and God bless them, it's hard to pin them down," he said. "They have all this great technology that they're coming up with, but when are we going to be able to use it?"
Another Cisco customer, Room & Board, a furniture retailer in Golden Valley, Minn., already has a Splunk data lake in place. Its networking team also handles network security for the organization, and Cisco's warnings about agentic AI security threats are resonating, according to its senior network engineer, Mark Rodrigue.
I think we will get there. But 'Move fast and break things' doesn't work in infrastructure. Because when we break things, everybody suffers.
Mark Rodrigue, Senior network engineer, Room & Board
Rodrigue said Cloud Control's Deep Reasoning found a wireless connectivity issue at the company's headquarters, which he wasn't aware of, while his team was testing AI Canvas over the last month. He also plans to start testing the Cisco Agentic Workflows tool in the Meraki dashboard soon for advanced tasks, such as building new Meraki sites.
However, it will take more time to fully build trust in autonomous AI agents for network operations and security, mainly through close human oversight and seeing consistent results over time, Rodrigue said.
"I think we will get there," he said. "But 'Move fast and break things' doesn't work in infrastructure. Because when we break things, everybody suffers."
'A massive patch avalanche'
While finding vulnerabilities with Mythos is speedy, fixing them is a much slower and potentially more onerous process, Centoni said.
"The reality is all of us are facing a massive patch avalanche," she said. "We're getting the huge onslaught of vulnerabilities that Mythos says it has exposed, and we're figuring out how to prioritize it, but the organizations that don't move decisively inside of this window, they're not going to get a second chance."
There's ultimately no replacement for fully patching systems, but this week Cisco unveiled a new stopgap feature, Live Protect, which can add compensating controls for newly discovered vulnerabilities on Cisco Nexus 9000 data center switches without requiring a reboot.
Other agentic AI security updates presented during Cisco Live this week included:
Integration between Cisco's Nexus switches and Isovalent's observability tools will support security and runtime protection for agents through Cisco AI Defense. That product was launched last year, and this week added support for red teaming.
Cisco is on trend with its own OpenClaw sandbox, called DefenseClaw, which is part of the Cisco Secure Client.
Splunk shipped agents for security operations center (SOC) tasks such as malware revising, triage and an automation builder. It also previewed an alpha-stage detection builder and guided response agents.
Cisco launched an Agent Gateway, tied in with its Secure Client, Secure Access and Duo products. The gateway performs discovery of AI agents on corporate networks, including how AI agents are associated with human managers and what delegated tasks they can perform. Authorization controls for MCP servers and LLMs will follow in July and August. DNS-based agent discovery and the ability to scope agents' role-based access permissions separately from humans will be available in August and September.
Cisco President and Chief Product Officer Jeetu Patel teased upcoming agentic identity management features that will follow the close of the Astrix Security acquisition that Cisco made public in May. "You should expect us to be very committed to making sure that every machine, every service, every agent within your organization will have an identity apparatus from Cisco," Patel said during a June 2 keynote.
Beth Pariseau, senior news writer for Informa TechTarget, is an award-winning veteran of IT journalism. Have a tip? Email her or connect on LinkedIn.
Dig Deeper on Systems automation and orchestration
