Bringing the Cyber Community into the Battle Against Agentic Insecurity at RSAC 2026

Security practitioners grapple with the challenges of enterprise AI adoption and the need for greater trust and governance

Mar. 30, 2026 at 6:58pm by Ben Kaplan

Got story updates? Submit your updates here. ›

A highly detailed, luminous 3D illustration depicting the complex web of interconnected cybersecurity hardware and data flows, with various components and cables glowing with neon cyan and magenta lights, conceptually representing the challenges of securing enterprise AI systems.Glowing cybersecurity infrastructure symbolizes the need for greater trust and governance in the face of rapid AI adoption.San Francisco Today

At the RSAC 2026 Conference, security professionals and vendors discussed the rapid enterprise adoption of agentic artificial intelligence and the need to adapt cybersecurity strategies to address the 'known unknowns' introduced by these new technologies. Vendors showcased innovative solutions to help security teams manage the flood of data and risk indicators, secure software supply chains, and regain control over mobile attack surfaces.

Why it matters

The rapid rise of agentic AI and autonomous systems within enterprises is outpacing the cybersecurity community's ability to effectively secure and govern these new technologies. As the attack surface expands and the cost of attacks decreases, security teams must find ways to collaborate with AI agents, prioritize vulnerabilities, and rebuild trust in an increasingly complex digital landscape.

The details

Security practitioners at RSAC 2026 were overwhelmed by the sheer amount of data introduced as organizations scale up ephemeral services and nondeterministic agents. Vendors like Spektion Inc. and Sentra Inc. showcased platforms to help discover, track and visualize real-time data to identify vulnerabilities and prioritize remediation. Cribl Inc. demonstrated how its data flow optimization tools can help security teams better manage and search the influx of agent-generated telemetry. Dropzone AI Inc. introduced its autonomous threat hunting capabilities, while Ridge Security Inc. discussed the need to verify findings from agentic AI tools. Securing the software supply chain was also a key focus, with vendors like GitGuardian and Socket Inc. addressing issues like secrets sprawl and malicious open-source components. Mobile security also emerged as a critical concern, with Approov Ltd. and Appdome Inc. presenting solutions to harden the mobile attack surface and provide device-level attestation.

  • In the last six months, the attack surface has expanded rapidly while the cost of an attack has come down significantly.
  • Google stated that we will be working in a post-quantum world by 2029, highlighting the need for quantum-safe computing.

The players

Jen Easterly

RSAC Chief Executive, who emphasized the cybersecurity community's role as 'protectors and defenders' in the face of rapid technological change.

David Stuart

Senior Director of Product Marketing at Sentra Inc., a vendor offering AI data readiness capabilities to monitor enterprise agents and models.

Kara Sprague

CEO of HackerOne Inc., an agentic threat exposure and offensive testing platform, who discussed the challenges of human-AI collaboration in security operations.

Edward Wu

Founder and CEO of Dropzone AI Inc., which showcased its autonomous SOC hunt capabilities.

Lydia Zhang

Co-founder and President of Ridge Security Inc., who noted the need to verify findings from agentic AI tools.

Got photos? Submit your photos here. ›

What they’re saying

“We're delivering trust in a world that desperately needs trust, a world with the most consequential technology change in our lifetime, moving us faster and faster.”

— Jen Easterly, RSAC Chief Executive

“Copilot and assistant agent adoption is accelerating fast within enterprises, but it is often being gated by security concerns about the data layer, and having telemetry about that data that they can trust to build controls.”

— David Stuart, Senior Director of Product Marketing, Sentra Inc.

“Humans are being told they have to use AI tools to do a better job, but they don't understand how they work, so they are becoming huge sources of data leakage. CISOs and security teams will have to adjust the way they operate and focus on what is truly exploitable.”

— Kara Sprague, CEO, HackerOne Inc.

“We want to compress 20 to 40 hours of manual threat hunting into an automated one- to two-hour process to make daily threat hunting affordable.”

— Edward Wu, Founder and CEO, Dropzone AI Inc.

“There's a lot of money being thrown at agentic AI but we don't just need findings, we need to deliver results and evidence to back it up. Hallucination is a valid concern, so we use one agent to find issues and another to verify proofs within our autonomous penetration testing.”

— Lydia Zhang, Co-founder and President, Ridge Security Inc.

What’s next

Google stated that we will be working in a post-quantum world by 2029, highlighting the need for enterprises to improve their quantum-readiness and meet emerging standards and compliance requirements.

The takeaway

The rapid rise of agentic AI and autonomous systems within enterprises has outpaced the cybersecurity community's ability to effectively secure and govern these new technologies. Security teams must find ways to collaborate with AI agents, prioritize vulnerabilities, and rebuild trust in an increasingly complex digital landscape, while also addressing emerging threats like quantum computing and securing the software supply chain.