A refund agent paid out $1,200 to a customer who had only paid $700. The mistake was a use case shown live on the Cisco Live 2026 keynote stage: AI agents make unexpected mistakes, and companies putting them to work at scale need a way to catch those mistakes before they multiply across millions of transactions.

Day 2 covered three areas: AI-ready data centers, workplaces built for the future, and keeping businesses resilient when things go wrong. Each had a live demo running inside Cisco Cloud Control.

Security Patches Used to Take Days. Live Protect Changes That Equation.

Tom Gillis, who runs Cisco's data center and security business, opened with a challenge anyone who has waited weeks for a security update will recognize. The old approach: design the system, lock it down, prove it is safe, and then try never to touch it again. Hackers today can find a newly announced vulnerability and start exploiting it within hours, not the weeks or months companies traditionally needed to deploy a fix.

Live Protect is Cisco's answer. When a vulnerability is announced, the platform finds every exposed device on the network and pushes a protective measure directly to the affected equipment with no downtime and no reboot required. More than 1,000 companies have already downloaded the version of Cisco's switch software that includes it. ServiceNow was named on stage as a company running it live on production equipment today.

This protective measure is not the same as a patch. It is a bridge that holds while the real patch is prepared. As companies get comfortable watching it work, the goal is to let it deploy automatically without anyone approving each action individually.

"Simplicity without sacrificing sophistication. That is what the platform delivers."

Jeetu Patel, Cisco Live 2026 Day 2 Keynote

Your Network Team and Your App Team Are Guessing at Each Other. Here Is What That Costs.

Most large organizations have a problem that nobody likes to admit: the team managing the network and the team managing the applications they run have almost no shared visibility into what the other is doing. When something slows down or breaks, both teams are looking at different dashboards, working from different assumptions, and sometimes pointing at each other while the problem persists.

Swetha Velamuri demonstrated how Cisco's management platform now extends visibility into containerized application environments, the modern way companies package and run software, so that a security policy covering a payment application can be defined once and applied consistently across every layer of the infrastructure it touches. A compliance requirement that used to require two separate teams to implement separately now takes one definition.

A second demo showed how Cisco embedded security inspection directly into its network switches rather than routing all traffic through a separate security device first. That routing detour adds delay, creates a single point of failure, and slows the whole network down. Moving the inspection into the switch itself removes the detour entirely, with security enforced at the point of entry and defined once inside Cloud Control.

Agents Earn the Right to Act on Their Own. They Are Not Born With It.

The workplace segment, led by Anurag Dhingra, opened with a conference room being set up on stage when a deliberately introduced network problem took the whole room offline in front of 20,000 people. The failure was scripted to show what AI monitoring looks like in a real crisis.

An AI agent running quietly in the background, without being asked, spotted the problem, traced it to its cause, worked out the fix, and sent a message through WebEx with its full reasoning and a recommended action. Then it waited. The engineer read through the agent's logic, agreed with the recommendation, approved it, and the network came back up.

After the fix worked, the system offered the engineer a choice: for this type of problem in the future, should the agent be allowed to act without waiting for approval? The engineer decides. The agent earns that expanded trust by showing its work and getting it right, one reviewed decision at a time.

Before any significant change goes to a live network, engineers or agents can test it against a virtual copy of the network that mirrors the real environment exactly, same software version, same configuration. A change that might take down a production system can be tested safely first.

Finding the Source of a Problem in 45 Seconds Instead of Hours

Splunk, now part of Cisco and led inside the company by Kamal Hathi, pulls together data from the network, the applications running on it, the infrastructure underneath, and the AI systems on top into a single place. Cloud Control's AI can then reason across all of it at once rather than each team working from their own separate view.

The demo showed a streaming application running slowly. An engineer opened the AI Canvas interface, which pulled data from every layer simultaneously and identified the cause: a network path problem between the internet provider and the application, outside Cisco's own systems entirely. That conclusion arrived in 45 seconds. Working through separate dashboards across separate teams, the same investigation would have taken hours and generated significant internal friction along the way.

Lauren White then demonstrated what an AI-powered security team looks like in practice. An AI agent running around the clock sorted through incoming security alerts and marked 92 percent of them as low-priority noise, so the human team only saw the ones that mattered. When a genuine threat appeared, a second agent traced the full sequence of events, cross-referenced what it found against company security procedures, cut off the affected device from the network, blocked the suspicious connection, and opened a support ticket for recovery. From first alert to contained threat, in minutes, without human escalation.

The $1,200 Mistake Was the Most Important Demo of the Day

Jeetu Patel introduced the Galileo co-founder on stage with one unusual detail: it was his second day at Cisco. The acquisition had just closed. Bringing a two-day employee onto the main stage at Cisco Live in front of 20,000 people reflects how seriously Cisco takes the problem Galileo solves.

AI agents make mistakes that nobody predicted during testing and that do not show up in standard system logs. Galileo gives companies a way to watch every decision an agent makes across a complete chain of actions and flag patterns that look wrong before they become costly. When an anomaly is found, the system builds a detection rule that applies to every past and future interaction automatically.

The economics matter at scale. Checking each agent decision using a standard AI model costs around 12 cents per transaction. At millions of transactions a day, most companies end up checking only a sample rather than all of them. Galileo uses a smaller, purpose-built model called Luna that routes evaluations to Cisco's own models, delivering the same accuracy at 98 percent lower cost. Every interaction checked, not a sample, and at a cost that does not become a budget problem as transaction volumes grow.

Cloud Control Is Now an Organizational Commitment, Not a Product Feature

Patel closed with a commitment that applies across the entire company: every product Cisco builds from here will be fully manageable through Cloud Control. Network equipment, workplace tools, security systems, AI agents, and the virtual testing environment all accessible from a single interface, with data from every layer available to the AI reasoning on top.

Cisco has made large platform promises before. What is different here is that every demo on Day 2 ran inside Cloud Control, every customer reference pointed back to it, and the Galileo capability delivered its output through it. Whether that coherence holds as Cisco continues to expand the portfolio is the question worth watching.

The Same Platform Will Eventually Answer Questions IT Never Thought to Ask

Cisco is explicit about who it is building for: IT leaders, security leaders, and customer experience teams. The platform reflects that focus at every level.

A platform that pulls real-time data from the network, the applications running on it, and the infrastructure underneath, unified in one place with AI reasoning on top, does not stay inside IT forever. Supply chain signals, customer experience problems, business performance anomalies, the same system that caught a network failure in a conference room demo can surface patterns a finance leader or operations leader needs to act on. What changes is who is authorized to ask the questions, and whether the business side of the organization has defined those questions yet.

Patel's consistent habit throughout the day of stopping after each demo to explain in plain terms what had just happened, what it costs when that capability does not exist, and why the old approach cannot keep up with the current threat environment, kept a room of 20,000 people ranging from network engineers to chief information officers in the same conversation.

Across two days, briefings and conversations included Amy Chang, Head of AI Threat Intelligence and Security Research; Akshay Bhargava, Vice President of Product Management for AI Software and Platform; Jonathan Chang, Senior Director and Head of Product for Webex CX Cloud; Mangesh Pimpalkhare, Senior Vice President and General Manager of Splunk Platform; Robert Barton, Distinguished AI Engineer; and Eric Knipp, Senior Vice President and General Manager of Cisco Customer Experience Americas, among others. At the evening reception the day before, I had the chance to spend time with Kamal Hathi and get to know him beyond the keynote stage. A leadership team willing to make that kind of time tends to be confident in what it is building.

Cisco Systems. "Cisco Cloud Control." cisco.com, 2026.
Splunk Inc. splunk.com, 2026.
Galileo. galileo.ai, 2026.

About Shashi Bellamkonda

Loading bio…

LinkedIn Profile

Get new posts by email:

Subscribe

Powered by