Brokers are highly effective as a result of they do greater than reply questions. They name instruments, retrieve context, and act throughout a number of steps. That’s what makes frameworks like Google’s Agent Growth Package (ADK) so helpful, and additionally it is what adjustments the safety downside. Cisco AI Protection offers runtime safety for AI brokers. With this integration, AI Protection now plugs into Google’s ADK and carries the identical runtime controls from native improvement to Agent Runtime on Gemini Enterprise Agent Platform.
Google’s ADK is used to construct tool-using brokers. Agent Runtime is the managed runtime to deploy them. This integration makes it straightforward to maintain Cisco AI Protection runtime safety hooked up in each locations.
The safety downside adjustments with brokers
The actual threat is not only that an agent produces a foul reply. The larger subject is that untrusted immediate content material can affect instrument habits, and gear output can ship delicate knowledge again into the mannequin. As soon as brokers begin interacting with exterior techniques, the safety query shifts from “What did the mannequin say?” to “What did the agent do, and what knowledge crossed runtime boundaries?” That’s the place runtime safety issues.
Whether or not an agent runs regionally or on Gemini Enterprise Agent Platform, groups want a strategy to examine and implement coverage throughout the total execution path—not simply on the first mannequin name. They want visibility into what crosses these boundaries and a mechanism to resolve whether or not a run ought to proceed, be noticed, or be stopped.
Cisco AI Protection provides safety with out disrupting the developer circulate
The Cisco AI Protection integration for Google’s ADK is designed so as to add runtime safety controls with out forcing builders to rebuild their utility round a separate safety workflow. As an alternative of making a parallel management airplane, it plugs into the ADK lifecycle builders are already utilizing.
Begin with two traces of code
For a neighborhood ADK agent, the quickest path is deliberately small:
from aidefense_google_adk import defend agent = defend(agent, mode="implement")
That’s the easiest agent-level integration. You retain the ADK agent construction you have already got and fix coverage enforcement on to it.
Deploy the identical protected agent to Agent Runtime
As soon as the agent is protected, you should use the usual ADK deployment circulate to run it on Agent Runtime:Â
app = agent_engines.AdkApp(agent=agent)
remote_agent = shopper.agent_engines.create(
agent=app,
config={
“necessities”: [“google-cloud-aiplatform[agent_engines,adk]>=1.112”], “staging_bucket”: “gs://YOUR-STAGING-BUCKET”,
},
)
The essential element is that safety is hooked up earlier than deployment. The identical protected ADK agent can transfer from native improvement into Agent Runtime with out requiring a distinct safety sample.
Why ADK is the best integration level
Google ADK is a powerful seam for runtime safety as a result of it already defines clear lifecycle boundaries round mannequin and gear execution. These boundaries create pure inspection factors:
- Earlier than a mannequin name
- After a mannequin response
- Earlier than a instrument name
- After a instrument response
These are the moments the place agent habits adjustments. Untrusted immediate content material can form a instrument request. Software output can leak delicate knowledge again into the mannequin. Runtime safety is only when it sits at these transitions as a substitute of being scattered throughout prompts and customized wrappers.
Two methods to connect safety in ADK
There are two important integration patterns relying on whether or not you need shared app-wide controls or agent-specific safety.
Â
1) App-level plugin
Use the plugin path whenever you need shared safety throughout the ADK app runtime.
plugin = defend(mode="implement") app = App(title="my_app", root_agent=agent, plugins=[plugin])
2) Agent-level callbacks
Use callbacks whenever you need safety hooked up on to a particular agent.
from aidefense_google_adk import make_aidefense_callbackscbs = make_aidefense_callbacks(mode="implement") cbs.apply_to(agent)
Use the plugin for app-wide controls; use callbacks whenever you need agent-specific safety.
Monitor vs. implement
This distinction often issues most to each builders and platform groups.
For instance, a delicate knowledge request is likely to be noticed in monitor mode after which blocked in implement mode at tool_response, as a result of that’s the level the place the violation turns into seen. That distinction issues. Monitor helps groups perceive threat in a reside workflow. Implement turns the identical determination level right into a runtime management.
What a block determination appears like
That is what makes enforcement auditable for builders and safety groups. Resolution: block
- Stage: tool_response
- Classification: PRIVACY_VIOLATION
- Rule: PII
In easy phrases, this implies the request was allowed to proceed till the instrument returned delicate knowledge, and the runtime blocked the circulate on the level the place the violation grew to become seen. For builders, that is particularly helpful as a result of it explains not simply that a run was stopped, however the place the unsafe habits surfaced.
From native ADK to Agent Runtime on Gemini Enterprise Agent Platform
Probably the most sensible advantages of this integration is that the identical ADK utility mannequin works throughout two environments:
- Native ADK runs for quick improvement and iteration
- Hosted Agent Runtime runs for managed deployment
That doesn’t imply each runtime floor appears equivalent on a regular basis. Hosted proof ought to nonetheless be handled as request-correlated knowledge tied to a particular invocation, with logs used as supporting context. However the identical coverage mannequin follows the agent from native improvement into the hosted runtime. Groups don’t want one safety sample for native testing and one other for deployment. The identical runtime controls journey with the agent.
Constructed on the official Google’s ADK path
This integration makes use of the extension factors that Google’s ADK already offers as a substitute of asking builders to work across the framework. That issues for 2 causes:
- It retains the applying readable.
- It makes the safety layer simpler to undertake in regular ADK workflows.
For groups evaluating platform match, that may matter as a lot because the coverage consequence itself. Safety ought to really feel like a part of the framework lifecycle—not a parallel workflow bolted onto the facet.
Why this integration issues
Google’s ADK and Gemini Enterprise Agent Platform make it simpler to maneuver from prototype to hosted agent runtime rapidly. That’s good for improvement pace, however it additionally means agent habits can attain actual techniques sooner. If runtime safety is just too disruptive, groups will delay it. If it matches naturally into the ADK mannequin, lets groups begin in monitor mode, and offers a transparent path to implement, it turns into a lot simpler to maintain safety turned on because the agent matures.
Ultimate ideas
The worth of this integration comes right down to a easy mixture:
- A small ADK integration floor
- Reside proof in each native ADK and hosted Agent Runtime
- Clear runtime choices in monitor and implement modes
- Deployment flexibility: groups can route calls both on to Cisco AI Protection or by means of Google Cloud’s Agent Gateway, relying on how they wish to operationalize enforcement
That mixture turns agent safety from an summary requirement into one thing builders can consider rapidly and undertake with confidence.
Get began with Cisco AI Protection on Google ADK and Vertex Agent Engine
- The quickest strategy to see the worth is to run the identical agent workflow in Monitor and Implement and examine what AI Protection does at runtime: what it flags, what it blocks, and the “blocked and why” determination hint.
- Begin right here (reside demo runner):
- If you wish to run it your self end-to-end, use the official Google ADK path and examine native vs hosted habits with AI Protection enabled:
- Google ADK + Vertex quickstart
- Native Google ADK demo
- Hosted Vertex AI Agent Engine demo
- To get entry to an AI Protection analysis (together with API key), request a demo right here: cs.co/aidefensedemo
Get began with Cisco AI Protection on Google’s ADK and Agent Runtime
- The quickest strategy to see the worth is to run the identical agent workflow in Monitor and Implement and examine what AI Protection does at runtime: what it flags, what it blocks, and the “blocked and why” determination hint.
- Begin right here (reside demo runner):
-
If you wish to run it your self end-to-end, use the official Google’s ADK path and examine native vs hosted habits with AI Protection enabled.
- To get entry to an AI Protection analysis (together with API key), request a demo right here: https://www.cisco.com/c/en/us/merchandise/safety/ai-defense/request-demo.html?linkclickid=main
Why this issues
Google’s ADK is the framework for constructing tool-using brokers and Agent Runtime is the managed runtime to deploy them. Cisco AI Protection Runtime Safety is designed to observe that very same path, so the identical runtime coverage enforcement applies in native improvement and in hosted execution on Agent Runtime.
