RSAC 2026: The Rise of Agentic Identity and Security
Image design by Aragon Research, rendering by Gemini.
By Jim Lundy
RSAC 2026: The Rise of Agentic Identity and Security
The cybersecurity landscape shifted fundamentally this week as autonomous agents moved from experimental concepts to the center of the RSA Conference floor. This transformation validates the market direction first established when Aragon Research pioneered the Agentic Identity and Security category in June 2025.
Major players and startups alike are now racing to define how AI Agents and Assistants are identified, governed, and secured. This blog overviews the Agentic Identity and Security announcements at RSA 2026 and offers our analysis.
Why did vendors announce Agentic Identity and Security products?
The industry reached a breaking point where human-led security operations could no longer keep pace with the speed of AI-driven threats and internal automation. Vendors such as Cisco, CrowdStrike, Google Cloud, Okta, and Palo Alto Networks launched these solutions to address the governance gap created by autonomous agents that act without direct human intervention. The closing of the Wiz acquisition by Google and the debut of the AgentiX AI Agent Workforce by Palo Alto Networks demonstrate a market-wide pivot toward automated, agentic security operations centers. Note, the full list of announcements is below.
These announcements aim to provide a control plane for what is becoming a non-human workforce. By introducing protocols like the Model Context Protocol (MCP) for tool communication and “kill switches” for autonomous entities, Cisco, Okta, and 1Password are attempting to provide the safety nets required for enterprise adoption. The focus has moved beyond simple chatbots to sophisticated agents that can triage alerts, investigate threats, and even modify code in real-time.
Analysis
The flood of announcements at RSA indicates that the industry is no longer just securing AI; it is rebuilding the security stack to be operated by AI. While the press has focused on the individual product launches, the deeper trend is the emergence of the Agent Control Plane as a mandatory architectural layer. This represents a massive shift for the identity market, as traditional Identity and Access Management (IAM) systems were never designed to handle the high-velocity, short-lived permissions required by autonomous agents.
We believe that the “Universal Logout” and “Kill Switch” features introduced by identity providers will soon become a baseline requirement for any enterprise software purchase. The market is also seeing a rapid consolidation of cloud security and agentic operations, as evidenced by Google folding Wiz into its Agentic SOC vision. Organizations that fail to adopt an agent-first identity strategy will find themselves with a new form of “Shadow AI” where autonomous agents have privileged access but no accountability or visibility.
What should enterprises do about Agentic Identity and Security?
Enterprises should move beyond the pilot phase and begin formalizing an Agentic Identity and Security strategy immediately. This involves insuring that AISP is part of your overall Agentic architecture. Also a key action is auditing the environment for existing autonomous agents and evaluating how current Security providers can handle non-human identities. It is critical to assess whether your current security stack supports the Model Context Protocol (MCP) to ensure interoperability between different agentic tools and platforms.
Organizations should specifically evaluate the “kill switch” capabilities of their identity vendors to ensure they can revoke agent permissions instantly if an anomaly is detected. Transitioning to an Agentic SOC model should be considered a multi-year journey, starting with lower-risk triage tasks before moving to autonomous remediation. Business and Security leaders must prioritize platforms that offer unified visibility across human, machine, and agentic identities to prevent silos in governance.
Bottom Line
The RSA Conference of 2026 marks the official arrival of the Agentic Identity and Security era that Aragon Research anticipated a year ago. The sheer volume of announcements from industry titans like Microsoft, CrowdStrike, and Cisco proves that autonomous agents are now the primary frontier for both defense and risk. Enterprises must shift their focus from securing users to governing autonomous actors, ensuring that every agent has a clear identity, a defined scope of authority, and a reliable way to be deactivated.
Appendix: The List of AISP Announcements before and during RSAC 2026.
| Company | News Announcement | Date |
| 1Password | Launched 1Password Unified Access, a new platform to discover and audit access for humans, AI agents, and machine identities in one view. | March 23, 2026 |
| Apiiro | Expanded its Guardian Agent (AI coding security agent) to include AI Threat Modeling, identifying risks before code is written. | March 24, 2026 |
| Arctic Wolf | Launched the Aurora Agentic SOC, built on a “Swarm of Experts” framework to allow multiple AI agents to collaborate on threat defense. | March 24, 2026 |
| Astrix Security | Introduced a four-method AI agent discovery architecture and the Agent Control Plane (ACP) to govern agent behavior at runtime. | March 23, 2026 |
| Britive | Announced strategic Partnership with Cisco for integration with Cisco Duo | February 2026 |
| BeyondTrust | Announced new Agentic Risk Analysis capabilities and research on “Shadow AI Agents” with privileged access. | March 24, 2026 |
| Black Duck | Released Black Duck Signal, an AI-native security tool designed to reason and remediate risk in agentic development workflows. | March 24, 2026 |
| Cisco | Launched Agentic IAM for Duo and agent discovery in Cisco Identity Intelligence. Introduced MCP policy enforcement in Secure Access (SSE). | March 23, 2026 |
| CrowdStrike | Unveiled the Charlotte AI AgentWorks Ecosystem with partners (OpenAI, NVIDIA, Salesforce) to build and orchestrate secure security agents. | March 25, 2026 |
| Dataminr | Launched Dataminr for Cyber Defense, an agentic AI solution that autonomously investigates and quantifies risk from external signals. | March 24, 2026 |
| Dropzone AI | Introduced AI Threat Hunter, an autonomous agent that proactively searches for threats across the environment without human intervention. | March 24, 2026 |
| Google Cloud (Wiz) | Formally closed the $23B Wiz acquisition and launched the Agentic SOC with new Triage and Investigation agents in Google Security Operations. | March 25, 2026 |
| Microsoft | Expanded Security Copilot with new “Security Triage” and “Security Analyst” agents that autonomously investigate identity and cloud alerts. | March 20, 2026 |
| Oasis Security | Announced Agentic Access Management (AAM) capabilities alongside a $120M Series B to secure agentic workflows in hybrid environments. | March 19, 2026 |
| Okta | Announced Okta for AI Agents and a “Blueprint for the Secure Agentic Enterprise,” treating AI agents as first-class identities with a universal “kill switch.” | March 23, 2026 |
| Palo Alto Networks | Debuted AgentiX AI Agent Workforce for Cortex XSIAM and announced intent to acquire Koi, a pioneer in agentic endpoint security. | March 24, 2026 |
Have a Comment on this?