Cisco Launches DefenseClaw at RSAC 2026: Open-Source Security for OpenClaw

ClawHosters by Daniel Samer

Four weeks ago, Cisco called OpenClaw "an absolute security nightmare." Now they've built the fix. On March 23 at RSA Conference 2026, DJ Sampath, Cisco's SVP of AI Software and Platform, announced DefenseClaw: an open-source governance layer that scans every OpenClaw skill and MCP server before they run.

Sampath runs OpenClaw at home on a DGX Spark. He gets the appeal. He also gets the risk.

What DefenseClaw Actually Does

Five scanning tools, one goal: stop malicious code before it executes.

Skill-Scanner checks skills for known vulnerabilities. MCP-Scanner does the same for MCP server connections. A2A-Scanner covers agent-to-agent communication. CodeGuard runs static analysis on generated code. And an AI Bill-of-Materials generator creates a full inventory of what your agent depends on.

The system runs pre-execution scans, monitors runtime threats, and enforces block/allow lists. As SiliconANGLE reported, it ships with native Splunk integration for enterprise logging. The whole thing builds on NVIDIA's OpenShell sandbox runtime from GTC the week before.

When you block a skill, it's not just a label. "Its sandbox permissions are revoked, its files are quarantined, and the agent gets an error if it tries to invoke it," Sampath wrote. Same treatment for blocked MCP servers: removed from the sandbox network allow-list, all connections denied.

Deploy time? Under five minutes. GitHub availability is March 27, 2026 at github.com/cisco-ai-defense/defenseclaw.

Why This Matters

The numbers tell the story. 135,000+ exposed OpenClaw instances. Roughly 800 malicious skills found on ClawHub after the ClawHavoc supply chain attack hit about 20% of the registry. A CVSS 8.8 RCE vulnerability (CVE-2026-25253) that allowed one-click code execution. The entire security industry at RSAC 2026 is building OpenClaw protection tools. Cisco just released the most complete one so far.

What This Means for ClawHosters Customers

If you're self-hosting OpenClaw, DefenseClaw should be on your install list the day it drops. For ClawHosters customers, this validates what we've been doing from day one: isolated containers, enforced authentication, automated safety scanning, and patches applied within hours. Cisco building a dedicated OpenClaw security product confirms that AI agent security isn't optional. It's the baseline.

Frequently Asked Questions

DefenseClaw is an open-source security framework from Cisco that scans OpenClaw skills, MCP servers, and generated code before execution. It includes five tools: Skill-Scanner, MCP-Scanner, A2A-Scanner, CodeGuard, and an AI Bill-of-Materials generator. Available on GitHub from March 27, 2026.

No. ClawHosters already provides equivalent protections: container isolation, authentication, network restrictions, and automated safety scanning. DefenseClaw is primarily valuable for self-hosters who need to build their own security layer.

Cisco says under five minutes. It builds on NVIDIA's OpenShell sandbox runtime and integrates with Splunk for enterprise logging.
*Last updated: March 2026*
