Cisco has open-sourced the Foundry Security Spec, which standardises IT system security assessments using LLMs.

A report by Techzine on May 12 said the Foundry Security Spec is provided as a specification rather than code, allowing any organisation to implement it for its own environment.

The Foundry Security Spec defines security evaluation roles, guardrails and domains. A detection agent systematically analyses code according to the specification, and another agent validates the results and filters out false positives. A coverage tracker monitors whether the entire IT environment has been checked and presents results in an auditable form. Cisco said the results are at a level that can be explained to chief information security officers and auditors and used to demonstrate validity.

The Foundry Security Spec consists of 2 documents. One is a “spec” that includes the core roles of 8 agents, 5 extended roles and about 130 functional requirements. The other is a “constitution” containing 11 unchanging principles, written based on errors actually experienced by Cisco’s internal security team.

The spec was designed to be readable both by AI agents such as Claude Code and Codex and by developers. Cisco recommended using the Foundry Security Spec together with CodeGuard, which it open-sourced in October and donated to the Secure AI Alliance (CoSAI) in February.

Copyright © DigitalToday. All rights reserved. Unauthorized reproduction and redistribution are prohibited.