Live from RSAC 2026: AI, Zero Trust & Cybersecurity Trends You Need to Know – RSAC26 #1
RSAC 2026 kicks off in San Francisco, and CyberRisk TV is live from Broadcast Alley bringing you exclusive insights from the cybersecurity industry’s biggest event.
Join Matt Alderman and Dr. Doug White as they break down what to expect this week, from AI and autonomous security to the continued evolution of Zero Trust. With thousands of vendors, innovators, and practitioners gathered across Moscone and beyond, RSAC 2026 is bigger than ever.
In this episode:
What makes RSAC 2026 so massive (and overwhelming) Key cybersecurity trends: AI, autonomous tech, and Zero Trust How the vendor landscape is evolving Why startups and emerging companies matter Insights into the future of cybersecurity markets
All week long, CyberRisk TV will feature:
Exclusive interviews with cybersecurity leaders Deep dives into emerging threats and technologies On-the-ground coverage from RSAC 2026
Follow full coverage + show notes: https://securityweekly.com/RSAC
- - Welcome to RSAC 2026 – Live from Broadcast Alley
- - What to Expect This Week on CyberRisk TV
- - First Impressions: The Scale of RSAC
- - 20 Years of RSAC – What’s Changed?
- - RSAC Takes Over San Francisco
- - Cybersecurity Buzzwords to Watch (AI, Zero Trust, Autonomous)
- - Are These Trends Actually New?
- - Inside the Expo: Startups vs Big Vendors
- - How Big Is RSAC Really?
- - Why RSAC Is a Must-Attend Event
- - AI Disruption: Who Will Survive?
- - Beyond Moscone: The RSAC Experience
- - Everyone Is Here – The Cybersecurity Gathering
- - Cybersecurity Swag & Fun Moments
- - Cybersecurity Market Trends & IPO Talk
- - AI vs Cybersecurity Stocks – Market Insights
- - Exit Strategies for Cybersecurity Companies
- - Funny Take: Getting Rich in Cybersecurity
- - Old School Security: Punch Cards Demo
- - Classic Hacks & Infinite Loops Explained
- - Why You Should Tune in This Week
- - What’s Coming Next on CyberRisk TV
Modern Phishing Attacks Are Under Multi-Channel Siege – Erich Kron – RSAC26 #1
Recently, there has been a shift in cybercriminals’ behavior, marked by a surge in total phishing attack volume. These attacks are fueled by high-scale automation and a coordinated multi-channel siege targeting corporate collaboration tools. Trusted platforms such as email, Teams, calendars and others are in the cross-hairs, bypassing traditional phishing methods that have worked in the past.
This segment is sponsored by KnowBe4. Visit https://securityweekly.com/knowbe4rsac to learn more about them!
Read the interview summary article from SC Media here: KnowBe4’s Erich Kron on modern phishing attacks
- - RSAC 2026 Interview with Eric Kron (KnowBe4)
- - Phishing: The Ongoing Cybersecurity Threat
- - How AI Is Making Phishing More Dangerous
- - Why Traditional Phishing Clues Are Gone
- - AI Efficiency: Attackers Doing More with Less
- - Defending with AI: New Detection Strategies
- - Rise of Polymorphic Phishing Attacks
- - Detecting Phishing Through Context & Intent
- - Phishing Beyond Email: Teams, Slack & WhatsApp
- - How Attackers Move Across Communication Channels
- - Smishing Tactics & Social Engineering Tricks
- - AI Chatbots Powering Modern Phishing Attacks
- - Real-World Example: AI Chatbots in Action
- - New Defense Tools: Phish Alert for Teams
- - Encryption Creates Security Blind Spots
- - The Challenge of Stopping Smishing Attacks
- - Human Awareness: The Best Line of Defense
- - Trust Issues: Why Familiar Platforms Are Risky
- - Rise of Physical Mail & Toll Scam Attacks
- - Account Takeover: The Bigger Threat
- - Risks of Single Sign-On (SSO) Compromise
- - How to Protect Against Modern Phishing
- - Why AI Is Essential for Cyber Defense
- - The Future of AI Agents in Security
- - Closing Thoughts & RSAC 2026 Coverage
Erich Kron, CISO Advisor at KnowBe4 is an author, a podcast host and regular contributor to cybersecurity industry publications. He is a veteran information security professional with over 30 years of experience in the medical, aerospace, manufacturing, and defense fields. His experience has fueled his passion for helping to address the human side of cybersecurity.
He is the former security manager for the US Army’s 2nd Regional Cyber Center and holds CISSP, CISSP-ISSAP, SACP, and many other certifications. Erich has worked with information security professionals around the world to provide the tools, training, and educational opportunities to succeed in Information Security.
From Reactive to Autonomous: Real-Time Endpoint Intelligence in the Age of AI – Tim Morris – RSAC26 #1
As organizations experiment with agentic AI and autonomous security operations, many are discovering a difficult reality: AI is only as effective as the data and visibility behind it. Yet most enterprises still struggle to answer basic questions about their endpoints in real time.
In this conversation, we’ll explore how IT and security teams are evolving from reactive operations toward proactive, preventative, and ultimately autonomous models. The journey begins with real-time endpoint intelligence—the ability to see, understand, and act across every endpoint in seconds.
This segment is sponsored by Tanium. Visit https://securityweekly.com/taniumrsac to learn more about them!
Read the interview summary from SC Media here: Tanium’s Tim Morris on real-time endpoint intelligence in the age of AI
- - RSAC 2026 Interview with Tim Morris (Tanium)
- - What “Autonomous” Means in Cybersecurity
- - From Reactive to Autonomous Security
- - Why We Must Rethink Autonomous Strategy
- - The Foundation Problem: Bad Data & Visibility
- - Why Asset Visibility Is Still Broken
- - The Industry’s Biggest Blind Spot Explained
- - Fragmented Tools & Data Silos in Security
- - Can Agentic AI Solve the Data Problem?
- - The Evolution of Tanium’s Architecture
- - Why Traditional Data Lakes Fall Short
- - Real-Time Visibility: The Game Changer
- - Distributed AI Agents on Endpoints Explained
- - The Future: Autonomous Security with AI Agents
- - Final Thoughts & RSAC 2026 Coverage
Tim is a visionary leader and an IT and cyber security expert, with decades of experience across industries. He joined Tanium after retiring from Wells Fargo, where he was an SVP and led several teams in cyber operations, engineering, and research. He holds 25 US patents and has written many articles on cyber security topics. He is also a trusted source of insights and opinions for major publications and web shows, where he shares his knowledge and passion for the field.
Tim started his IT career as a developer and sysadmin in manufacturing, then moved to banking, where was a software packaging, scripting, active directory administration, and M&A projects. He has been dedicated to cybersecurity since 2009, specializing in areas such as detection and response, systems and patch management, vulnerability assessment, web-content filtering, malware analysis, red-teaming, and digital forensics.
The Identity Crisis of Agentic AI – Ron Rasin – RSAC26 #1
Identity Security now spans two extremes. On one end, decades-old infrastructure that was never designed to be secure. On the other, rapidly emerging AI agents and non-human identities that organizations are racing to deploy. Most security teams sit in the middle, managing expanding identity risk with a fragmented stack of point solutions.
As AI adoption accelerates, identity risk is scaling just as quickly. And agentic security is, at its core, an identity problem. The more access an AI agent has to corporate systems, the more powerful—and more dangerous—it becomes. Without deep identity context, there is no way to make an informed, real-time decision about whether an agent’s action is legitimate or overreach.
In this session, Ron Rasin examines how the industry’s missteps with Active Directory, service accounts, and machine identities created blind spots that still persist—and how those lessons must shape the way we secure agentic AI from the outset. Ron will outline why identity must serve as the control plane for AI-driven enterprises, and why enforcement must happen at runtime—before access is granted, not after damage is done. He will also share recent Silverfort innovations and partnerships with leading AI platforms to deliver embedded identity controls across human, non-human, and AI identities, including Copilot Studio agents, third-party agents, and hybrid environments.
Because when AI begins authenticating at machine speed, reacting is no longer enough.
Segment Resources:
https://www.silverfort.com/press-news/silverfort-unveils-ai-agent-security/ https://www.silverfort.com/blog/4-ways-ai-agents-change-the-way-we-approach-identity-security/
To learn more about Silverfort and our AI Agent product, visit us at https://securityweekly.com/silverfortrsac.
Read the interview summary from SC Media here: Silverfort’s Ron Rasin on the identity crisis of agentic AI
- - Welcome to RSAC 2026 with Silverfort
- - What Silverfort Does in Identity Security
- - Human vs Non-Human vs AI Identities
- - The Identity Sprawl Problem
- - Why Runtime Access Control Matters
- - Securing Service Accounts with Virtual Fencing
- - Least Privilege for Non-Human Identities
- - The Risk of AI Using Human Credentials
- - Mapping the Full AI Identity System
- - Why Admin-Time Security Is Too Slow for AI
- - Managing AI Risk Across Third-Party SaaS
- - Silverfort’s Integrations with AI Platforms
- - How the Copilot Studio Integration Works
- - Policy-Based Runtime Control for AI Agents
- - Catching Overprivileged AI at Runtime
- - Reporting AI Permissions to Leadership
- - Educating Developers to Build Secure Agents
- - Treating AI Agents Like Human Identities
- - Avoiding Old IAM Mistakes with AI Accounts
- - Delegating Only the Right Privileges to AI
- - Reducing AI Access to What It Actually Needs
- - Solving AI Identity Risk at Runtime
- - What Makes Silverfort Different
- - Closing Thoughts and RSAC 2026 Coverage
As Chief Strategy Officer, Ron leads Silverfort’s strategic alliances with technology partners, as well as our growth operations and business strategy. He brings more than 15+ years of hands-on product management experience and cyber security expertise. Prior to joining Silverfort, Ron was the Director of Product Management at Claroty, and held product management roles at Wix and NCR. Before that Ron served as a Team Leader at the 8200 elite cyber unit of the Israel Defense Forces. Ron holds a B.A in Economics from Tel Aviv University.
X-PHY Delivers Hardware-Enforced Security for the Age of AI Agents – Camellia Chan – RSAC26 #1
Camellia Chan, CEO and Co-Founder of X-PHY, discusses how Model Context Protocol (MCP) is making it easier for AI agents to plug into enterprise apps and operate with elevated permissions—creating new opportunities for attacks and data exfiltration. She explains how X-PHY’s hardware-enforced monitoring and detection sit beyond the OS trust boundary to enforce immutable limits on what agents can do and stop threats before data is lost, so organizations can adopt agentic AI with confidence.
Segment Resources:
To illustrate the speed of scaling and attack surface: Since Anthropic open sourced MCP in late 2024, Anthropic itself published data that demonstrates how fast the ecosystem has scaled, reaching 10,000+ active servers and ~97M monthly SDK downloads within 1 year. Source: https://www.anthropic.com/news/donating-the-model-context-protocol-and-establishing-of-the-agentic-ai-foundation
Security leaders looking to deploy AI agents safely can request a demo or briefing with X-PHY at https://securityweekly.com/xphyrsac or visit our us at RSA at Booth 5256.
Read the interview summary from SC Media here: X-PHY’s Camellia Chan on hardware-enforced security for the age of AI agents
- - Intro – RSAC 2026 Interview with X-PHY CEO
- - What is X-PHY? Hardware-Based Cybersecurity Explained
- - How Hardware Stops Zero-Day Attacks & Human Error
- - AI Inside SSD: Detecting Ransomware at the Hardware Level
- - Server Defender: Monitoring All 7 Layers of Infrastructure
- - Why Software Security Can Be Bypassed
- - Hardware vs Software Security: Key Differences
- - AI for Anomaly Detection in Endpoints & Servers
- - MCP Explained – “USB for AI”
- - Why MCP is Powerful (and Risky)
- - X-PHY + MCP: Hardware Meets AI Security
- - Instant Lockdown: Stopping Attacks at Firmware Level
- - Preventing Data Exfiltration with Hardware Control
- - Hardware Identity + MCP Security Integration
- - Building a “Community of Trust” with X-PHY
- - Cross-Enterprise Trust & Device Authentication
- - Real-World Use Cases (Government & Contractors)
- - Why Hardware Identity is Hard to Compromise
- - Firmware-Level Security vs Traditional HSM
- - Final Thoughts & Closing
Camellia Chan is the Co-Founder and CEO of X-PHY Inc., a pioneering cybersecurity company delivering hardware-based protection at the physical layer. She leads the company’s global strategy, innovation, and partnerships, with a focus on AI-embedded solutions that provide real-time, autonomous defense against modern cyber threats. Under her leadership, X-PHY has developed a growing portfolio of patented technologies and launched award-winning solutions like the X-PHY® Cyber Secure SSD.
Zero Trust That Actually Ships: Moving From Strategy Decks to Real Security – Rohan Ravindranath – RSAC26 #1
Most enterprise organizations have been working at Zero Trust for years but many fail to deliver truly secure environments. Rohan Ravindranath shares valuable insights that Zappsec has gained from guiding the global teams that are getting it right. Discover where things often break down so you can avoid the common pitfalls.
This segment is sponsored by Zappsec. Visit https://securityweekly.com/zappsecrsac to learn more about them!
Read the interview summary from SC Media here: Zappsec’s Rohan Ravindranath on zero trust that actually ships
- - Intro – Zero Trust That Actually Ships (RSAC 2026)
- - The Problem: Zero Trust Stuck in PowerPoint
- - Why Zero Trust Fails in Real Enterprises
- - Security as a “Gate” Is the Core Issue
- - Cloud, Hybrid, and the Security Gap Explained
- - Why Teams Optimize for Speed, Not Security
- - Shift Left: Embedding Security from Day One
- - What Is “Zero Trust as Code”?
- - How to Build Secure Cloud Landing Zones
- - Enforcing Security by Default (Not Optional)
- - Multi-Vendor Environments & Policy Automation
- - Drift Detection & Auto-Remediation Explained
- - How Zero Trust Scales Across APIs & AI Systems
- - Agentic AI in Security – What It Can (and Can’t) Do
- - Why AI Needs Business Context to Work
- - Is Your Infrastructure Ready for AI Security?
- - 90-Day Zero Trust Roadmap (Overview)
- - Days 0–30: Protect Crown Jewel Applications
- - Microsegmentation & Default Deny Strategy
- - Days 30–60: Kill VPNs & Move to ZTNA
- - Identity-Based Security & Continuous Validation
- - Days 60–90: Automate with Zero Trust Pipelines
- - Biggest Mistake: Treating Everything as Critical
- - Final Thoughts & Key Takeaways
Rohan Ravindranath is a cloud and security modernization strategist known for turning Zero Trust from concept into production reality. As Founder & CEO of Zappsec Technologies, he leads global infrastructure transformation programs that converge network modernization, cloud landing zones, microsegmentation, and AI-ready architecture into a unified execution model.
Rohan has directed large-scale initiatives spanning 1,000’s of international sites, embedding identity-driven controls and workload-level segmentation directly into modernization programs.
He is passionate about bridging the gap between security theory and operational deployment, helping enterprises enforce policy, reduce attack surface, and accelerate innovation simultaneously.
Agentic AI: Don’t Make Your SOC Faster at Being Wrong – Georges Bossert – RSAC26 #1
Adding AI agents to an unprepared SOC doesn't make it smarter; it just makes it "faster at being wrong." Georges Bossert challenges the industry hype to explain why true autonomy relies on reliable context and structured runbooks, not just prompts. He will discuss how to build the necessary foundations to automate rapidly without losing control.
Segment Resources:
AI SOC Whitepaper: https://go.sekoia.io/en-ai-soc.html?utmsource=scworld&utmmedium=referral&utm_campaign=RSAC2026
Sekoia AI-Guided SOC Demo: https://www.youtube.com/watch?v=1qkXeseSvE0
Sekoia TDR threat investigations: https://blog.sekoia.io/?utmsource=scworld&utmmedium=referral&utm_campaign=RSAC2026
This segment is sponsored by The Sekoia.io. Visit https://securityweekly.com/sekoiarsac to discover their AI SOC Platform!
Read the interview summary from SC Media here: Sekoia.io’s Georges Bossert on avoiding making SOCs faster at being wrong
- - Intro – Agentic AI in Cybersecurity (RSAC 2026)
- - The Growing Threat of Agentic AI
- - AI in SOC: Opportunity vs Risk
- - Why AI Adoption Starts with Data (Not LLMs)
- - “Garbage In, Garbage Out” in AI Security
- - Why Generic LLMs Fail in SOC Environments
- - The Danger of “Failing Faster” with AI
- - AI Agents = Junior Analysts (Key Analogy)
- - Why Context Is Critical for AI Security
- - AI vs Humans: The Problem of False Confidence
- - When AI Lies (And Why It’s Dangerous)
- - Chatbots vs Real AI Reasoning Systems
- - How Runbooks Power AI Security Automation
- - Feeding Context: Data, Users, Networks & Threats
- - Can AI Agents Actually Improve Over Time?
- - AI Reasoning Playbooks Explained
- - Why Chain of Thought Matters in Cybersecurity
- - The Rise of AI-Powered Threat Detection
- - Biggest Risk: Rushing AI in the SOC
- - When AI Slows You Down Instead of Helping
- - The 3 Pillars of Effective AI Security Operations
- - Final Thoughts & Key Takeaways
Georges Bossert is the Co-founder and Chief Technology and Product Officer of Sekoia.io. An engineer by training and PhD graduate from CentraleSupélec, his research focused on applying machine learning and grammatical inference to cybersecurity.
With over 15 years of experience, he has worked across the full spectrum of cybersecurity — from reverse engineering to leading technology and product strategy.
A former reservist in the French Army’s cyber operations division, Georges now serves as a board member and lecturer at the University of Rennes. He is passionate about innovation, mentoring, and building resilient teams. He was named *Innovator of the Year 2024* by *Le Point* magazine and a 2025 *Cyberscoop 50* finalist.
The SDLC Blind Spot: Why Breaches Start with Identity, Not Code – Raj Mallempati – RSAC26 #1
The target on developers' identities has never been bigger. They hold access to source code, CI/CD pipelines, and cloud infrastructure — and attackers know it. Target lost 860GB of source code through a single compromised credential. Recruitment fraud campaigns have pivoted from developer access to cloud admin in under 10 minutes. These aren't code vulnerabilities — they're access problems. And as AI agents join human developers, contractors, and service accounts in the SDLC, the attack surface is expanding faster than static security tools can track. Security teams need real-time visibility into who has access and what they're actually doing — not just what's in the code.
Segment Resources:
https://www.blueflagsecurity.com/blog/860gb-of-source-code-stolen-no-one-knows-who-did-it-thats-the-problem https://www.blueflagsecurity.com/resources/securing-the-software-supply-chain-addressing-identity-toolchain-and-code-risks
Make sure to schedule a free SDLC Risk Assessment with BlueFlag Security - 30 minutes to deploy. 48 hours to results. Please visit https://securityweekly.com/blueflagrsac.
Read the interview summary from SC Media here: https://www.scworld.com/resource/blueflag-securitys-raj-mallempati-on-why-breaches-start-with-identity
- - Welcome to RSAC 2026 – Developer Security Trends
- - Why Identity & Access Management Still Matters
- - The Hidden Root Cause of Vulnerabilities (Not Just CVEs)
- - Human vs Non-Human Identities & AI Agents Explained
- - Why Enterprises Know the Risk But Ignore It
- - The Visibility Problem in DevSecOps
- - Least Privilege & Reducing Attack Surface
- - Understanding Toxic Interactions in Security
- - Insider Risk vs External Threats in Dev Environments
- - Correlating Data Across Dev Tools for Better Security
- - Managing Shadow AI & Developer Tool Sprawl
- - The Rise of Unsanctioned LLMs in Development
- - Overprivileged Access – The 5% Usage Reality
- - How CISOs Can Secure Without Slowing Developers
- - Balancing Security with Developer Productivity
- - Zero Trust & Least Privilege in Practice
- - Developer Freedom vs Security Governance
- - What is Developer Risk & Governance Platform?
Raj Mallempati is CEO & Co-founder of BlueFlag Security. Prior to launching BlueFlag, he most recently served as COO CIEM at Microsoft, through Microsoft’s acquisition of his prior company CloudKnox Security (acquired 2021). Prior to joining CloudKnox, Raj was the Senior Vice President of Marketing at Malwarebytes. Raj has also held positions as the Vice President of Global Marketing at MobileIron, Vice President of Product Marketing at Riverbed Technology, and was the Director of Marketing and Business Strategy at VMware. He holds an MBA from The Wharton School, University of Pennsylvania, MS, Computer Science from the University of Texas, and a B.Tech from Indian Institute of Technology, Madras.
Introducing Legion Investigator: Goal-Oriented AI Investigations – Ely Abramovitch – RSAC26 #1
Traditional security playbooks often fail because they cannot capture the fluid, context-dependent reasoning required when a routine investigation hits a non-scripted "judgment point." Legion Investigator addresses this gap by employing goal-oriented AI agents that move beyond rigid scripts to interpret findings and execute complex, multi-step investigations based on your team's unique environment and expertise. By bridging the divide between automated execution and human-level reasoning, the platform ensures that every alert (no matter how unpredictable) is handled with the depth and consistency of a senior analyst.
Segment Resources:
Request a demo of the platform and the AI Investigator:
Website: https://www.legionsecurity.ai/
This segment is sponsored by Legion Security. Visit https://securityweekly.com/legionrsac to learn more about them!
Read the interview summary from SC Media here: Legion’s Ely Abramovitch on goal-oriented AI investigations
- - RSAC 2026 Interview – Legion Security & AI Investigations
- - What is Legion Investigator? Goal-Oriented AI Explained
- - Task-Based vs Goal-Based AI in Cybersecurity
- - Deterministic vs Exploratory Security Workflows
- - Why Traditional Playbooks Fail in Real Investigations
- - AI Extending Investigations Beyond Human Limits
- - Can AI Investigations Be Trusted? Auditability Explained
- - Guardrails, Permissions & Explainable AI Decisions
- - From AI Discovery to Automated Security Workflows
- - How AI Learns & Adapts to New Security Environments
- - Personalized AI for Enterprise Security Operations
- - Why One-Size Security Playbooks Don’t Work
- - Cyber Attacks at Machine Speed – Why AI Defense Matters
- - Phishing, Polymorphic Malware & Modern Threats
- - Capturing Tribal Knowledge with AI Investigations
- - Faster Incident Response with AI (MTTD, MTTR)
- - Measuring ROI of AI in Security Operations
- - Automating Repetitive Security Tasks with AI
- - Human + AI Collaboration in Cybersecurity
Ely Abramovitch is the Co-Founder and CEO of Legion Security, the world’s first browser-native AI SOC platform. With a background leading product management for Microsoft Sentinel, he has a proven track record of scaling multi-billion dollar security solutions. Abramovitch’s vision focuses on automating complex threat investigations by having AI learn directly from human analyst workflows. He is also a former jazz pianist whose transition into mathematics and technology has shaped his creative approach to solving enterprise security challenges.
Delinea: Redefining Identity Security for the Agentic AI Era – Phil Calvin – RSAC26 #1
As enterprises scale agentic AI and automation, privileged access is increasingly required by non-human identities (NHIs) that operate autonomously across hybrid and cloud-native environments, introducing risks that static, credential-based models were never designed to govern. Delinea's recent of acquisition of StrongDM.
This segment is sponsored by Delinea. Visit https://securityweekly.com/delinearsac to learn more about them!
Read the interview summary from SC Media here: Delinea’s Phil Calvin on redefining identity security for the agentic AI era
- - RSAC 2026 Interview – Identity Security with Delinea
- - Evolution of Identity Management in Cybersecurity
- - Authentication vs Authorization Explained
- - Why VPNs & Traditional Security Are Failing
- - The Danger of Static Credentials & Overprivileged Accounts
- - Just-In-Time Access & Least Privilege Explained
- - Why sudo & Root Access Still Fail Security
- - Centralized Authorization Policies for Enterprises
- - Real-World Analogy: Just-In-Time Security Controls
- - The Explosion of Non-Human Identities & AI Agents
- - Managing Identity Risk Across Cloud & Hybrid Environments
- - The “Wild West” of Cloud & Third-Party Access Risks
- - Ephemeral Infrastructure & Hidden Security Threats
- - Governance, Auditing & Identity Visibility Challenges
- - Continuous Discovery & Risk Prioritization for CISOs
- - Identifying High-Risk Accounts & Access Control Strategy
- - AI, Agents & MCP Servers – The Future of Identity Security
- - Securing APIs & Machine-to-Machine Communication
- - Delinea + StrongDM Acquisition Explained
- - Why Identity is the Oldest Cybersecurity Problem
- - Agentic AI Risks & The Future of Access Control
Phil Calvin brings more than 25 years of software development, technical leadership and entrepreneurial experience to Delinea. His areas of expertise include technical strategy, cloud architecture, and engineering executive management. Prior to Delinea, Phil spent nearly a decade at Salesforce in a variety of architectural and engineering leadership roles, most recently leading the Platform Engineering organization and focusing on making the Salesforce platform trusted, accessible, and scalable.
Privileged by Design: AI Agents and the New Identity Risk to Production Systems – Shashwat Sehgal – RSAC26 #1
At RSAC this year, the AI conversation is getting more practical. Less “look what agents can do” and more “who’s actually in control when an autonomous system can take real actions across business apps and infrastructure.”
The Moltbook breach and the growing attention on OpenClaw-style agent vulnerabilities put real weight behind that question because they show how quickly agent ecosystems can scale past oversight.
Today we’re talking with Shashwath, CEO of P0 Security, about why identity and authorization are the quiet enablers of modern AI, where teams are losing control as non-human identities explode and what security leaders can do to keep innovation moving without turning access sprawl into enterprise risk.
Segment Resources:
https://cdn.prod.website-files.com/6711cd0559bf05b4faea0ea0/6980fc917dc9d975062b8351Preparing%20for%20the%20agent%20erafnl.pdf https://www.p0.dev/pr/authz-control-plane-nhis-ai-agents
To learn more about P0 Security, please visit: https://securityweekly.com/p0rsac or stop by their booth - South Hall S-2333
Read the interview summary from SC Media here: P0 Security’s Shashwat Sehgal on AI agents and the new identity risk to production systems
- - RSAC 2026 Interview – AI Security Challenges with P0 Security
- - The Explosion of AI Tools & Agentic Frameworks
- - Why Security Teams Can’t Keep Up with AI Innovation
- - Identity Security Fundamentals: Connectivity, Auth & Authorization
- - Why Authorization is the Biggest Problem in AI Security
- - AI Agents vs Human Identity – Who Gets Access?
- - Securing AI Agents Before Production Deployment
- - Guardrails, Ownership & Governance for AI Systems
- - Just-In-Time Access & Short-Lived Credentials Explained
- - Shadow AI, Open Source Agents & Governance Gaps
- - Lessons from Cloud Security Failures (S3, IAM Risks)
- - Why Traditional Identity Tools Are Failing Today
- - API-Based Security: The New Identity Control Layer
- - Identity as the New Perimeter in Cybersecurity
- - Organizational Challenges in Identity & AI Security
Shashwat Sehgal is the Co-Founder and CEO of P0 Security. He’s spent most of his career building security and observability products for developers, DevOps, and security teams.
Shashwat is passionate about solving the problem of cloud access security and helping security engineers’ control ‘who has access to sensitive resources in their clouds.’
He enjoys playing tennis, spending time with his family, teaching his son how to play chess, and geeking out on all things security.
Downtime: The New Economic Threat – Christy Wyatt – RSAC26 #1
Downtime is costing global enterprises hundreds of billions of dollars in losses annually. Caused by cyber incidents and software failures, enterprise CISOs are searching for strategies and solutions that will accelerate recovery and restoration of business operations after cyber disruptions render systems inoperable.
Segment Resources:
The Resilient CISO Inner Circle: https://www.absolute.com/ciso
The Resilient CISO LinkedIn Community: https://www.linkedin.com/groups/16575053/
Absolute Security Corporate LinkedIn Page: https://www.linkedin.com/company/absolute-cyberresilience
The Resilient CISO LinkedIn Live CISO discussions: https://www.youtube.com/watch?v=zqJcxbmfG_8&list=PL94KIXDzCxI-dhsFl-9czlDt4ch1-0cCY
This segment is sponsored by Absolute Security. Visit https://securityweekly.com/absolutersac to join The Resilient CISO Inner Circle!
Read the interview summary from SC Media here: Absolute Security’s Christy Wyatt on the new economic threat: Downtime
- - RSAC 2026 Interview – Cyber Resilience & Downtime Risks
- - Why Downtime is the Biggest Hidden Cyber Threat
- - The Real Cost of Cyber Attacks: Recovery Time
- - Why Businesses Lose Money During Downtime
- - Cyber Recovery Challenges & Business Impact
- - Why Some Companies Never Recover from Cyber Attacks
- - The Importance of Testing Incident Response & Recovery
- - Measuring Cyber Resilience: Downtime Metrics Explained
- - Risk Tolerance & Cybersecurity Strategy for Boards
- - Why Traditional Recovery Plans Fail in Real Life
- - Remote Work, AI & New Cybersecurity Risks
- - Third-Party Risk & Dependency Failures Explained
- - Why Disaster Recovery Testing Often Fails
- - Endpoint Security & Device Resilience Explained
- - AI, Complexity & The Growing Cyber Risk Landscape
- - Rapid Recovery: Rebuilding Devices After Ransomware
- - The Future of Cyber Resilience & AI-Driven Recovery
Christy Wyatt is President and CEO of Absolute Security, an enterprise Cyber Resilience leader.
As a recognized business and cybersecurity industry visionary, Christy has deep experience and expertise spanning cybersecurity, enterprise mobility, embedded platforms, IoT, enterprise software, and data science.
Prior to Absolute Security, she served as the Chairman and CEO of Dtex Systems. Before that, she was President and CEO of Good Technology (acquired by Blackberry). Christy has held technology and business leadership roles at Citigroup, Motorola, Apple, Palm, and Sun Microsystems. She currently serves on the board of directors of LM Ericsson and Silicon Labs. She has previously served on the boards of Quotient Technologies, Good Technology, Dtex, Centrify, and the Linux Foundation.
Christy has been recognized as an SC Media Women in Cybersecurity Leader, CEO of the Year by Globe and Mail, a Top 50 Women Leaders in SaaS, an Inc. Magazine Top 50 Women Entrepreneurs of America, an Information Security’s CEO of the Year, and a Fierce Wireless “Most Influential Women in Wireless.”
Scripted Sparrow: A Prolific BEC Group – John Wilson – RSAC26 #1
In December, Fortra Intelligence and Research Experts (FIRE) released a major report exposing Scripted Sparrow, one of the most active Business Email Compromise (BEC) collectives operating today. The group sends an estimated 6 million highly targeted scam emails each month, impersonating executive coaching firms and leveraging spoofed reply chains, missing attachment lures, and evolving multilingual campaigns. FIRE’s investigation links the collective to 119 domains, 245 webmail accounts, and 256 bank accounts, with members operating across three continents and continually refining their fraud techniques at scale.
Segment Resources:
https://www.fortra.com/resources/guides/scripted-sparrow-prolific-bec-threat-group
This segment is sponsored by Fortra. Visit https://securityweekly.com/fortrarsac to learn more about them!
Read the interview summary from SC Media here: Fortra’s John Wilson on the prolific BEC group Scripted Sparrow
- - RSAC 2026 Interview – Email Security & BEC Threats
- - What is Fortra? Cybersecurity Products & Services Overview
- - Introducing Scripted Sparrow BEC Threat Group
- - How Business Email Compromise (BEC) Attacks Work
- - Targeting Accounts Payable Teams with Fake Invoices
- - Why Attackers Use Executive Coaching Scams
- - Global BEC Attacks: US, UK, Sweden & Beyond
- - AI & Multilingual Phishing Attacks Explained
- - Why International Targets Are More Vulnerable
- - How Advanced Phishing Emails Bypass Detection
- - Active Defense & Scam Baiting Explained
- - What is Active Defense in Cybersecurity?
- - Disrupting Scammers: Domains, Emails & Takedowns
- - How Threat Intelligence Improves Security Products
- - Sharing Cyber Threat Intelligence with Law Enforcement
- - Why Social Engineering Still Works in 2026
- - Human Risk in Cybersecurity & Phishing Awareness
- - Using Real Phishing Simulations for Training
John Wilson has been combating email-based fraud since 2006, when he developed an authentication-based anti-phishing solution as CTO of Brandmail Solutions. John continued his mission to rid the world of email fraud at Agari. As part of their threat intelligence team, John assisted Microsoft and the FS-ISAC with the B54 Citadel botnet takedown by providing data related to Citadel botnet infections and by acting as a declarant in the civil forfeiture action filed in US District Court.
John joined Fortra through the acquisition of Agari in June 2021. In his current role at Fortra, he continues to research email scams and conduct experiments in “active defense”. In early 2023, John again worked with Microsoft, this time on a takedown effort aimed at curbing the illegal use of Fortra’s Cobalt Strike adversary simulation solution.
John holds a B.S. in Computer Science and Engineering from MIT. He has spoken at a variety of security conferences including RSA, FS-ISAC, Aviation ISAC, NCFTA Disruption, and the Microsoft Digital Crimes Consortium.
Cloning Attacker Tradecraft: Why AI Pentesting is Becoming Essential – Ido Geffen – RSAC26 #1
Enterprises ship code continuously, while most security validation still happens in snapshots. In this interview, Novee CEO and co-founder Ido Geffen explains what “AI penetration testing” actually means, why it’s different from automated scanning, and why it’s becoming essential as attackers adopt AI to move faster and continuously. He then breaks down what separates best-in-class AI pentesting: operator-like reasoning across real environments, validated exploitability, and the ability to uncover business logic flaws and multi-step attack chains. Ido covers the unique technology behind Novee’s AI penetration tester: a proprietary LLM model, built independently of “frontier” LLMs (like Claude, ChatGPT, Cursor, etc…), and consistently outperforming them at live browser exploitation tests. Finally, he shares what buyers should demand in a live evaluation and how continuous retesting closes the loop after fixes ship.
Segment Resources:
https://novee.security/blog/hacker-trained-ai-discovers-16-new-0-day-vulnerabilities-in-pdf-engines/
This segment is sponsored by Novee Security. See what your attackers already know at https://securityweekly.com/noveersac
Read the interview summary from SC Media here: Novee’s Ido Geffen on why AI pentesting is becoming essential
- - RSAC 2026 Interview – AI Pen Testing with Novee Security
- - What is Novee Security? AI Vulnerability Scanning Explained
- - Can AI Prevent Exploits Before Hackers Strike?
- - Nation-State Expertise Behind AI Security Tools
- - Custom AI Models vs Open Source LLMs in Cybersecurity
- - Training AI to Detect Vulnerabilities at Scale
- - Building the “Novee Gym” Cyber Range for AI Training
- - What Are Business Logic Vulnerabilities?
- - Real Example: Payroll Data Access Security Risks
- - Customizing Security by Company & Application Logic
- - Avoiding False Positives in Vulnerability Scanning
- - AI Exploitability Scanning vs Traditional Pen Testing
- - How AI Finds & Validates Exploitable Vulnerabilities
- - Automated Remediation & Security Fix Recommendations
- - Personalized Defense Based on WAF & Infrastructure
- - Continuous Security Testing for Modern Applications
- - Why AI Pen Testing is Better Than Basic Vulnerability Scans
- - Testing Custom Apps, APIs & AI Systems (Prompt Injection)
- - AI Pen Testing Announcement at RSAC 2026
Ido Geffen is the CEO and co-founder of Novee, the leader in AI-powered penetration testing. He brings over 20 years of experience across offensive and defensive cybersecurity, including nation-scale operations, vulnerability exploitation, and defense.
Through his work on national defense, he and fellow Novee co-founders Gon Chalamish and Omer Ninburg saw enterprises facing an impossible challenge: deploying code continuously while testing security only quarterly, even as attackers operate 24/7 with AI-powered tools. They founded Novee in May 2025 to clone their combined expertise into an agent that runs continuously, finding zero-days, business logic flaws, and complex attack chains that traditional tools miss.
RSAC 2026 Day 1: First Impressions and Early Themes – RSAC26 #1
Mike Shema and Josh Marpet reflect on the opening day of RSAC 2026, sharing early takeaways and standout moments from the show floor. They discuss the initial themes emerging across conversations and what they’re watching as the week begins to unfold.
To view all the RSAC Conference 2026 coverage by CyberRisk Alliance, visit: https://securityweekly.com/rsac
- - RSAC 2026 Day 1 Recap Begins
- - First Impressions of RSAC Conference 2026
- - Massive Cybersecurity Marketing at RSAC
- - The #1 Buzzword: Agentic AI Explained
- - Identity Security Meets Agentic AI
- - AI Trends: Phishing, Code Vulnerabilities & Defense
- - Innovation Sandbox Winner: AI Security Platform
- - Are Cybersecurity Problems Really New?
- - Why CVEs & AppSec Are Still Broken
- - Secure by Design: The Future of Security?
- - When Will Secure Coding Become Mandatory?
- - AI’s Role in Secure Software Development
- - The Future of Developers with AI
- - Predictions for RSAC 2027 & AI Security
- - Final Thoughts on Cybersecurity Trends