Cisco Donates Project CodeGuard Security Framework to Coalition for Secure AI
Key Takeaways
- Cisco donated Project CodeGuard, a security framework for AI coding agents, to the Coalition for Secure AI as an open-source project
- The framework addresses security vulnerabilities commonly introduced by AI coding assistants, including hardcoded secrets, weak cryptography, and missing authentication
- Project CodeGuard integrates with popular AI coding tools like GitHub Copilot, Cursor, and Windsurf across the entire development lifecycle
Summary
Cisco has donated Project CodeGuard, an AI model-agnostic security coding agent framework, to the Coalition for Secure AI (CoSAI), an OASIS Open Project. The framework addresses growing security concerns around AI-assisted software development by embedding security best practices directly into AI coding workflows. As AI coding agents like GitHub Copilot and Cursor transform software engineering, they can inadvertently introduce vulnerabilities such as hardcoded secrets, weak cryptography, and missing authentication checks.
Project CodeGuard provides comprehensive security coverage across multiple domains including cryptography, input validation, authentication, authorization, and supply chain security. The framework operates across the entire development lifecycle—guiding secure design before code is written, preventing vulnerabilities during code generation, and supporting AI-assisted code review afterward. It integrates seamlessly with popular AI coding assistants using a unified markdown format that translates to IDE-specific implementations.
The framework will be developed through a dedicated Special Interest Group within CoSAI's AI Security Risk Governance Workstream, enabling collaboration among technical contributors, researchers, and organizations. CoSAI brings together over 40 industry partners including Google, Microsoft, NVIDIA, IBM, and Meta to advance secure AI practices. By making Project CodeGuard freely available as open source, Cisco aims to elevate security standards across the AI development industry and address vulnerabilities at the speed and scale that AI coding demands.
- Development will continue through a Special Interest Group within CoSAI, which has over 40 industry partners, including Google, Microsoft, and NVIDIA



