AI Could Help Security Teams Move Faster, Say Cisco and OpenAI Leaders

Trust Is the Foundation of Agentic AI

As enterprises begin experimenting with AI agents that can take actions on behalf of users, security becomes a prerequisite for broader adoption.

Hintz described two categories of guardrails that organizations will need to implement. The first includes behavioral controls built into AI models themselves to ensure that agents follow organizational policies and user intent. The second includes more traditional security controls, such as access management, sandboxing and execution restrictions.

Together, those controls allow organizations to safely grant agents greater autonomy.

“If we can have guardrails that we really trust,” Hintz said, “then we can trust the agents to actually take more actions.”

The discussion comes as many organizations evaluate how to deploy AI agents that can perform tasks ranging from software development to cybersecurity operations and workflow automation.

READ MORE: Businesses automate workflows with AI solutions.

Cisco Uses AI to Find and Fix Vulnerabilities

Cisco is already applying AI to cybersecurity operations internally, Grieco said.

Historically, security teams have often acted as governance organizations that identify vulnerabilities and ask others to remediate them. Grieco said that model is changing.

Instead, Cisco’s security organization is increasingly using AI to identify vulnerabilities and help development teams fix them.

“We’re using these models in a fully automated, harnessed way inside of my organization to identify potential vulnerabilities and then work with product teams to help get them fixed,” Grieco said.

In some cases, AI systems are generating proposed code fixes that can be reviewed by developers.

The approach is helping Cisco scale vulnerability discovery and remediation efforts across a large software portfolio. Grieco said Cisco has scanned 1.8 billion lines of code during the past eight weeks using automated AI-driven processes.

The company has also developed CodeGuard, an open-source project designed to inject security best practices directly into AI-assisted software development workflows.

The goal is to make secure coding practices part of the development process itself rather than something that occurs later during reviews.

DIVE DEEPER: AI agents can support lean security teams.

AI May Strengthen Cyberdefenses Faster Than Expected

While many organizations remain concerned about attackers using AI, Cisco Live panel speakers expressed optimism that defenders may gain significant advantages from the technology.

Hintz argued that AI can help organizations automate threat detection, incident response and vulnerability management at a scale that would be impossible for human teams alone.

He also predicted that AI-powered security capabilities could become accessible to organizations that previously lacked the resources to hire large cybersecurity teams.

“In three years,” Hintz said, “everyone is going to have their own cybersecurity experts in a machine that are going to do all the security for them.”

Grieco offered a similar vision. He described a future in which security becomes increasingly dynamic, with AI agents continuously monitoring systems, detecting anomalies and responding automatically to emerging threats.

Both leaders cautioned that organizations still need to address foundational security practices, such as multifactor authentication, network segmentation and patch management. AI can accelerate both defense and attack, they said, meaning organizations that neglect basic cyber hygiene may find themselves more vulnerable as adversaries gain access to more powerful tools.

Still, the panelists expressed confidence that AI can ultimately improve cybersecurity outcomes if organizations embrace the technology responsibly.

“The more we’re leading the adoption,” Grieco said, “the better we’re going to have a shot at ending up in a happier place.”