Cisco open-sources Foundry Security Spec for CISO-ready agents

By Erik van Klinken
Publication Date: 2026-05-12 13:38:00

LLMs are proving increasingly useful for security research. Cisco aims to standardize and streamline the process of evaluating security in IT systems. With the Foundry Security Spec, now open-source, organizations can, just like Cisco itself, orchestrate LLMs in a predictable manner for mature security evaluations.

The reason this is a spec and not a single line of code is relatively simple. Cisco has indeed written all kinds of code for its own security evaluations, but by its own admission, that code would be of little help to other parties. “Our internal systems are tightly coupled to Cisco’s infrastructure: our cloud provider, our issue tracker, our LLM gateway, our development platform, our severity taxonomy [for vulnerabilities or security threats],” the company explains on its GitHub page. Nevertheless, this specification serves as a useful guide.

From LLM plumbing to business language

When you essentially “fire” an LLM at your IT…