Cisco open sources Foundry Security Spec to make AI cybersecurity findings verifiable and auditable at machine speed

Published on 15 May 2026
Cisco open sources Foundry Security Spec to make AI cybersecurity findings verifiable and auditable at machine speed

Its “done” signals aim to stop AI from freelancing

Cisco has open-sourced the Foundry Security Spec, an AI security evaluation blueprint designed to replace noisy, unverifiable alerts with structured, auditable findings. Built for machine-speed threats, it counters frontier-model hallucinations using orchestration, bounded outputs, and clear completion signals. The spec is model-agnostic and stack-neutral, and it’s released as two artifacts: Spec.md with ~130 requirements and Constitution.md with 11 inviolable principles tied to real failures Cisco encountered.

  • Foundry shifts security evaluation from alerts to structured, auditable findings
  • It uses agent roles and guardrails to keep AI outputs bounded and prioritized
  • Published as Spec.md and Constitution.md, totaling about 130 functional requirements plus principles
  • The approach is model-agnostic and stack-neutral, working across different LLMs and infrastructure
  • Defenders can plug into GitHub spec-kit workflows for spec-driven evaluation
  • Cisco says it is not a turnkey scanner and requires human governance and local adaptation

This summarization was done by Beige for a story published on IndianWeb2.
