RSA Conference 2026 / RSAC 2026

- The corpus says 15 cybersecurity CEOs, including leaders from CrowdStrike, SentinelOne, and Netskope, converged on the view that agentic AI creates a major new market and a major new attack surface. - The core risk is uncontrolled agent access to files, credentials, SaaS systems, and corporate workflows.

- Pondurance launched Kanati, described in corpus as an agentic AI SOC with faster threat response and fewer false positives. - This shows how vendors are using agents defensively while warning customers about agent misuse.

- The corpus connects RSAC to Anthropic's Claude Mythos cybersecurity evaluations, including zero-day discovery and sandbox-escape concerns. - NVIDIA's NemoClaw and Anthropic's credential-isolation approaches are used as contrasting security architectures.

- **New security category:** Agent security is becoming a standalone enterprise category, analogous to cloud security or endpoint detection. - **Governance lag:** Enterprises are deploying agents faster than security teams can inventory, permission, and monitor them. - **Vendor platform opportunity:** Microsoft, Cisco, CrowdStrike, Splunk, Anthropic, NVIDIA, and SOC vendors can monetize agent controls. - **Board-level risk:** Autonomous agents operating with credentials convert software misconfiguration into business-process compromise.

- RSAC sessions from Microsoft, Cisco, CrowdStrike, Splunk, Anthropic, NVIDIA, and others are summarized as pushing zero-trust architecture beyond users/devices into autonomous agents. - Required controls include identity per agent, least-privilege credentials, explicit approval flows, isolation boundaries, logging, and revocation.