RSAC 2026 Day 2: Agentic AI, Hidden Cybersecurity Trends & What’s Next – RSAC26 #2
RSAC 2026 Day 2 is here and AI is dominating everything. From agentic AI and autonomous security tools to emerging risks like AI data exposure, MCP protocols, and AI browser threats, this recap breaks down the biggest trends shaping cybersecurity right now.
We dive into:
Why AI is everywhere (and what’s real vs hype) The rise of agentic AI and autonomous security Hidden innovation from startup vendors & the expo floor The Innovation Sandbox winner (Geordie AI) and what it means Real risks with AI copilots, data access, and shadow AI Why small language models (SLMs) may outperform LLMs How to spot true cybersecurity innovation vs noise
If you're a security professional, developer, or tech leader, this is your inside look at where cybersecurity is heading in 2026 and beyond.
To view all the RSAC Conference 2026 coverage by CyberRisk Alliance, visit: https://securityweekly.com/rsac
- - RSAC 2026 Day 2 Kickoff & Overview
- - AI, Agentic & Autonomous Trends Continue
- - AI Hype in Cybersecurity Press Releases
- - Exploring Startup Innovation at RSAC
- - Finding Hidden Gems on the Expo Floor
- - Innovation Sandbox Winner: Geordie AI
- - Risks of AI Agents & Data Access
- - AI Copilot Security Risks Explained
- - AI Browsers & Emerging Threats
- - Future of MCP & AI Communication Protocols
- - Classic Vulnerabilities in the AI Era
- - Human Factor vs AI in Cybersecurity
- - Wiz “No AI Zone” Marketing Strategy
- - Anti-AI Trend as a Competitive Edge
- - Off-Floor Networking & Vendor Strategy
- - RSAC Expo Floor Trends & Expectations
- - How to Spot Real Cybersecurity Innovation
- - AI vs API vs Cloud: Same Security Problems?
- - Small Language Models vs LLMs Explained
- - Future of AI Security & SLM Adoption
Managing Cyber Risk as Financially Motivated Attacks Grow – Tony Anscombe – RSAC26 #2
The ransomware and eCrime landscape continue to evolve at a rapid pace. ESET’s global research team has been closely following ransomware gang disruptions and their use of EDR Killers to disable cybersecurity tools. In this interview, Tony Anscombe will take a look into recent research, and explore how the industry and businesses are responding to combat financial risk and mitigate threats.
This segment is sponsored by ESET. Visit https://securityweekly.com/esetrsac to learn more about them!
Read the interview summary from SC Media here: ESET’s Tony Anscombe on managing cyber risk as financially motivated attacks grow
- - RSAC 2026 Interview Kickoff (Matt Alderman & ESET)
- - Funny RSAC Story + Intro to Ransomware Topic
- - What is an EDR Killer? (Cybersecurity Explained)
- - How Hackers Disable Endpoint Security Tools
- - Which EDR Solutions Are Vulnerable?
- - Ransomware Business Model & Affiliates Explained
- - Why Attribution is Getting Harder
- - Evolution of Ransomware as a Business
- - Why Cybercrime is Driven by Money
- - Challenges for Cyber Defenders Today
- - Why IOCs Alone Are Not Enough
- - Need for Real-Time Threat Intelligence
- - AI & Faster Exploit Development Risks
- - Mapping Threat Intelligence to Your Business
- - TTPs vs IOCs: Understanding Attacker Behavior
- - Why Context Matters More Than Data
- - Real-World Ransomware Attack Examples
- - Cyber Insurance & Security Requirements
- - Insurers Becoming MSSPs (New Trend)
- - Supply Chain Risk & Monoculture Dangers
- - Why Security Diversity Matters
- - Final Thoughts on Ransomware Defense
Tony Anscombe is the Chief Security Evangelist for ESET. With over 25 years of security industry experience, Tony is an established author, blogger, and speaker on the current threat landscape, security technologies and products, data protection, privacy and trust, and Internet safety. His speaking portfolio includes industry conferences RSAC, Black Hat, VB, CTIA, MEF, Gartner Risk and Security Summit, and the Child Internet Safety Summit. He is regularly quoted in cybersecurity, technology and business media, including BBC, Dark Reading, the Guardian, the New York Times and USA Today, with broadcast appearances on Bloomberg, BBC, CTV, KRON, NBC, and CBS. Tony is a board member of NCA and previously served on the board of MEF and FOSI and held an executive position with AMTSO.
AI Agents for Vulnerability Management – Mehul Revankar – RSAC26 #2
Introducing Quantro Security, Inc., a new agentic AI solution bringing AI agents to vulnerability management. The company is focused on applying agentic AI to help address modern security challenges. In this interview, we’ll learn more about Quantro Security, Inc., its approach, and what this new solution means for the future of vulnerability management.
This segment is sponsored by Quantro Security. Visit https://securityweekly.com/quantrorsac to learn more about them!
Read the interview summary from SC Media here: Quantro Security’s Mehul Revankar on AI agents for vulnerability management
- - – RSAC 2026 Interview with Quantro Security
- - – Founders’ Background & Tenable Days
- - – Why Start Quantro Security?
- - – AI is Changing Exploit Development
- - – Rise of AI-Powered Cyber Attacks
- - – Why Defenders Need AI-Native Security
- - – Cybersecurity Productivity Gap Explained
- - – Talent Shortage in Cybersecurity Teams
- - – Building an AI Cyber Defense Advisor
- - – Faster Exploits Than Patches (Big Problem)
- - – Who Should Use Quantro Security?
- - – Enterprise Security Challenges & Tool Sprawl
- - – Improving Risk Detection & Response Speed
- - – MSSPs: Scaling Security with AI
- - – Increasing Efficiency & Profitability with AI
- - – Custom Security Outcomes (One Size → One-to-One)
- - – How AI Reduces Security Team Workload
- - – What Makes Quantro Different?
- - – Building a Proprietary Vulnerability Database
- - – Multi-LLM Orchestration Explained
- - – Context Engineering & Reducing AI Costs
- - – Why Chatbots Alone Don’t Work in Security
- - – Future-Proofing with Flexible AI Models
- - – Competitors: Hyperscalers vs Niche Tools
- - – Why Traditional Tools Fall Short
- - – AI as the Security “Connective Tissue”
- - – Final Thoughts & Closing
Mehul is a seasoned Cybersecurity Product Leader with a proven track record of building award-winning products and scaling B2B SaaS and open-source solutions. With over 20 years of experience in enterprise security, he has led product, engineering, and research teams at industry leaders like Qualys, and Tenable. He is now a Co-founder at Quantro Security where he is building agentic AI solutions for Enterprise Cyber Risk Management. Where he leads Product, Sales and Marketing.
AI’s Security Inflection Point: Hybrid, Browser Security, and Data Compliance – Thyaga Vasudevan – RSAC26 #2
The rapid adoption of AI applications is reshaping enterprise security architectures. As organizations integrate AI copilots, agentic workflows, and cloud-native platforms, traditional network-centric security models are proving insufficient.
In this conversation, Thyaga Vasudevan, EVP, Product at Skyhigh Security, discusses three major shifts emerging across enterprises: the rise of hybrid security architectures that combine cloud and on-prem enforcement, the growing importance of browser-based security controls as work increasingly happens inside the browser, and the expanding role of data security and compliance as AI systems interact with sensitive enterprise data.
The discussion explores how AI is simultaneously increasing risk and enabling new security approaches, driving organizations toward data-centric protection models that operate consistently across SaaS, cloud, private infrastructure, and AI-driven applications.
This segment is sponsored by Skyhigh Security. Visit https://securityweekly.com/skyhighrsac to learn more about them!
Read the interview summary from SC Media here: Skyhigh Security’s Thyaga Vasudevan on hybrid, browser security and data compliance
- - – RSAC 2026 Day 2 Interview Kickoff
- - – AI Security Inflection Point Explained
- - – From On-Prem Security to Cloud Complexity
- - – Remote Work & Expanding Attack Surface
- - – Why Hybrid Security is Now Essential
- - – Managing Cloud + On-Prem with One Console
- - – Hybrid Security Architecture Breakdown
- - – The Challenge of Interconnected Systems
- - – AI Applications: Cloud vs On-Prem Risks
- - – Why Browser Security Matters More Than Ever
- - – WebSockets & AI Traffic Inspection Challenges
- - – New Approach: Browser-Based Security Controls
- - – Zero Client & Browser-Only Security Debate
- - – Where Security is Headed in the Next Few Years
- - – Protecting Data vs Just Controlling Access
- - – What is DSPM (Data Security Posture Management)?
- - – Visibility into Sensitive Data Across Environments
- - – AI + Agentic Systems Expanding Threat Surface
- - – Securing Agentic AI: Identity & Access Control
- - – MCP Servers & API Risks Explained
- - – Blocking Shadow AI & Unauthorized Agents
- - – Inspecting AI Prompts & Data Flow
- - – Using CASB for AI & API Security
- - – How AI is Changing Cybersecurity Defense
- - – Reducing False Positives with AI & ML
- - – Final Thoughts on AI Security Challenges
Thyaga Vasudevan is a high-energy software professional currently serving as the Executive Vice President, Product at Skyhigh Security, where he leads Product Management, Design, Product Marketing and GTM Strategies. With a wealth of experience, he has successfully contributed to building products in both SAAS-based Enterprise Software (Oracle, Hightail – formerly YouSendIt, WebEx, Vitalect) and Consumer Internet (Yahoo! Messenger – Voice and Video). He is dedicated to the process of identifying underlying end-user problems and use cases and takes pride in leading the specification and development of high-tech products and services to address these challenges, including helping organizations navigate the delicate balance between risks and opportunities.
The Threat Curve Has Reset: Why AI Made “Solved” Attacks Dangerous Again – Eyal Benishti – RSAC26 #2
AI hasn’t just evolved cyberattacks—it has reset the threat curve entirely. New research shows that even “solved” problems like phishing and business email compromise are immature and dangerous again, with attackers using AI and autonomous agents to launch hyper-personalized, multi-channel attacks at scale. This session explores what Phishing 3.0 really means for security leaders—and why defending trust now requires a fundamentally new approach.
Segment Resources:
https://ironscales.com/rebuilding-trust-in-digital-communications-report-download
This segment is sponsored by IRONSCALES. Visit https://securityweekly.com/IRONSCALESrsac to learn more about them!
Read the interview summary from SC Media here: IRONSCALES’ Eyal Benishti on why AI made ‘solved’ attacks dangerous again
- - – RSAC 2026 Day 2 Interview with IRONSCALES
- - – “The Threat Curve Has Reset” Explained
- - – From Linear to Exponential Cyber Threats
- - – How AI is Changing Cybersecurity Forever
- - – Why Traditional Security Models Are Failing
- - – AI-Powered Reconnaissance & Attack Automation
- - – Social Engineering vs AI-Driven Attacks
- - – From Manual Hacking to Instant AI Exploits
- - – How AI Collects & Weaponizes Data at Scale
- - – OSINT Risks: Social Media & Personal Data Exposure
- - – Agentic AI: Autonomous Cyber Attacks Explained
- - – Real-World Example: Targeting RSAC Attendees
- - – Location Tracking & Image-Based Intelligence Risks
- - – Why Attacks No Longer Need Specific Targets
- - – AI vs Humans: Speed & Scale of Cyber Attacks
- - – Why Defenders Must Use AI Against AI
- - – The Rise of Multimodal Phishing (Voice, Video, Email)
- - – Deepfake Attacks & Business Email Compromise
- - – Why Spear Phishing is More Dangerous Than Ever
- - – Phishing 3.0 Today & What’s Next (Phishing 4.0)
- - – Fighting AI Threats with Proactive Security
- - – Using AI Agents for Cyber Defense
- - – From Reactive to Proactive Security Strategy
- - – Simulating Attacks Before Hackers Do
- - – Building an AI Red Team for Defense
- - – The Future: Autonomous Security & AI Defense Systems
- - – Final Thoughts: Staying Ahead of AI Threats
Eyal Benishti is the CEO and Founder of IRONSCALES, pioneering the world’s first self-learning email security solution to combat advanced phishing, BEC, and account takeover attacks. With over 15 years in the software industry, Eyal has held roles as a security researcher and malware analyst at Radware and a technical lead for information security solutions at Imperva. He also held R&D positions at Comverse and Amdocs. Eyal earned his bachelor’s degree in computer science and mathematics from Bar-Ilan University in Israel and has been passionate about cybersecurity from a young age.
Coding Agents Are Getting More Cautious, but Not Safer – Brian Fox – RSAC26 #2
A new study finds that while frontier AI coding models are hallucinating less than they did a year ago, they still preserve a significant amount of avoidable software risk when left ungrounded. Sonatype’s research shows that connecting these models to real-time software intelligence dramatically improves remediation quality and reduces critical and high-severity vulnerability exposure by 60–70%. The takeaway is clear: safer AI-assisted development will depend not just on better models, but on grounding them in accurate, current dependency and vulnerability data.
Segment Resources:
2026 State of the Software Supply Chain report: https://www.sonatype.com/state-of-the-software-supply-chain/introduction
This segment is sponsored by Sonatype. Read the study: https://securityweekly.com/sonatypersac
Read the interview summary from SC Media here: Sonatype’s Brian Fox on coding agents getting more cautious, but not safer
- - – RSAC 2026 Intro & Sonatype Overview
- - – What Sonatype Does (Maven, Nexus & Open Source Ecosystem)
- - – What is Software Intelligence for AI Coding?
- - – How AI Coding Tools Lack Real-Time Security Context
- - – Feeding AI Agents Real Vulnerability & Dependency Data
- - – The Risk of AI Choosing Deprecated or Vulnerable Code
- - – AI Hallucinations vs Security Accuracy Explained
- - – Why AI Became More “Cautious” (But Less Effective)
- - – Hidden Risk: False Confidence in AI Security Reviews
- - – Improving AI Accuracy with Grounded Data (MCP)
- - – Using MCP Servers for AI Coding Intelligence
- - – AI + Human Collaboration in Secure Development
- - – The Future of Developers: AI as an Abstraction Layer
- - – Natural Language as the New Programming Interface
- - – Can AI Be Trusted in Secure Environments?
- - – Why AI Must Follow Traditional Security Best Practices
Brian Fox is CTO and co-founder of Sonatype, with more than 20 years of experience spanning software development, open source, and cybersecurity. A founder of Maven Central and former chair of the Apache Maven project, he also serves in leadership and advisory roles with OpenSSF, FINOS, Singapore’s CTREX Panel, and the Apache Software Foundation.
Autonomous Intelligence and the Future of Digital Trust – Amit Sinha – RSAC26 #2
AI agents are no longer experimental tools — they are becoming autonomous participants in enterprise infrastructure. Acting independently, making decisions at machine speed, and interacting directly with sensitive systems, these agents fundamentally reshape the trust model that underpins modern organizations. As AI becomes embedded across operations, security must evolve from perimeter defense to continuous, identity-driven trust. This conversation explores what it means to build a resilient trust architecture for autonomous systems — one that ensures verifiable identity, constrained authority, accountability, and governance at scale.
We’ll examine how enterprises can balance innovation with control, prevent misuse or spoofed agents, and prepare for a future defined by machine-to-machine interactions. At stake is not just cybersecurity, but the integrity of digital trust itself.
This segment is sponsored by DigiCert. Visit https://securityweekly.com/digicertrsac to learn more about them!
Read the interview summary from SC Media here: DigiCert’s Amit Sinha on autonomous intelligence and the future of digital trust
- - – RSAC 2026 Intro & DigiCert Overview
- - – What DigiCert Does (PKI, Encryption & Digital Trust)
- - – DigiCert ONE Platform Explained (PKI, DNS & CLM)
- - – Why Certificate Lifecycle Management (CLM) is Critical
- - – The Risk of Certificate Outages (Real-World Example)
- - – Why Automation is Essential for Modern PKI
- - – CLM Benefits: Crypto Agility, Zero Trust & Post-Quantum
- - – ROI of CLM: 6-Month Payback & Cost Savings
- - – AI Agents & Machine Identity Explained
- - – Digital Passports for AI Agents (PKI Identity Model)
- - – Agentic AI Identity vs Token-Based Authentication
- - – Why Cryptographic Identity Matters for Zero Trust
- - – Policy-Based Access Control with OPA (Guardrails)
- - – Fighting Deepfakes with Content Provenance
- - – Signing Digital Content (Videos, Images & Documents)
- - – C2PA Standard & Verifiable Media Authenticity
- - – DigiCert’s Evolution: From CA to Full Security Platform
- - – Why PKI + DNS Integration Matters
- - – Email Security: DMARC, SPF & DKIM Explained
- - – Valimail Acquisition & Email Trust Innovation
- - – Verified Mark Certificates (VMC) & Email Trust Signals
Dr. Amit Sinha is CEO of DigiCert. Prior to DigiCert, Dr. Sinha was President of Zscaler. During his 12-year tenure, Zscaler grew from a startup to a NASDAQ-100 company and established itself as a dominant leader in enterprise security. Dr. Sinha is an independent Board Member at Zscaler and at DataRobot, an AI cloud platform company, and an advisor to several startups.
Prior to Zscaler, Dr. Sinha served as CTO for Motorola’s Enterprise Networking and Communications business, delivering Wi-Fi solutions. He was the CTO of AirDefense, a market leader in the wireless security space, leading to its successful acquisition by Motorola in 2008. Prior to AirDefense, Dr. Sinha served as Co-Founder and Chief Technologist at Engim, a Wi-Fi semiconductor company.
Dr. Sinha earned his Masters and Ph.D. in Electrical Engineering and Computer Science from the Massachusetts Institute of Technology, Cambridge, and his B.Tech. in Electrical Engineering from the Indian Institute of Technology, Delhi, where he graduated summa cum laude and was awarded the President of India Gold Medal. He has authored over 25 journal/conference papers, contributed to 3 books, and is the inventor of 39 U.S. patents granted or pending.
OT: Segmented Today, Breached Tomorrow – HD Moore – RSAC26 #2
As the worlds of IT and OT converge, traditional network segmentation falls short, exposing risks in the critical environments that keep energy flowing and shelves stocked. Conventional security tools fail to identify these gaps, with serious repercussions for operators. At runZero, we empower defenders to win by default through comprehensive discovery, rapid detection of critical exposures, and unique segmentation analysis that does not depend on span ports, credentials, or on-device agents. runZero provides real-time insights into even the most sensitive environments — quickly, safely, and securely.
Segment Resources:
https://www.runzero.com/resources/segmentation-theater-sans-2026/
This segment is sponsored by runZero. Visit https://securityweekly.com/runzerorsac to learn more about them!
Read the interview summary from SC Media here: HD Moore on segmented OT today, breached tomorrow
- - – RSAC 2026 Interview with runZero CEO HD Moore
- - – What runZero Does: Agentless Asset Discovery Explained
- - – Continuous Asset Inventory & Why Delta Changes Matter
- - – Finding Security Gaps (Missing EDR, Vulnerability Coverage)
- - – OT Security vs IT: Why Infrastructure is Changing
- - – Network Segmentation Risks in OT & ICS Environments
- - – Detecting Hidden Network Bridges & Multi-Homed Devices
- - – Why Shadow IT is the Biggest Security Weakness
- - – Asset Inventory Challenges & Agent-Based Limitations
- - – Device Fingerprinting vs Traditional Vulnerability Scanning
- - – Safe, Low-Impact Network Discovery Techniques
- - – New Features: Attack Graphs & Network Topology Mapping
- - – Discovering Hidden OT Devices via Serial & Backplane Access
- - – Critical Infrastructure Risks: HVAC, Fire, and Safety Systems
- - – Visualizing Attack Paths & Lateral Movement Risks
- - – Hidden Network Interfaces & Unexpected Attack Surfaces
- - – Identifying Unknown Internet Entry Points & Exposures
- - – External Attack Surface Mapping from Internal Data
- - – Why Asset Inventory (CIS Control 1) Still Fails
- - – Context Matters: Understanding What Devices Actually Are
HD Moore is a pioneer of the cybersecurity industry who has dedicated his career to vulnerability research, network discovery, and software development since the 1990s. He is most recognized for creating Metasploit and is a passionate advocate for open-source software and vulnerability disclosure.
HD serves as the CEO and founder of runZero, which provides a single source of truth for exposure management across your total attack surface. Delivering in-depth visibility into every asset and exposure, runZero helps you mitigate risks faster, meet compliance requirements, and ensure you continuously discover critical insights that others miss — including unknown and unmanageable devices and elusive exposures that evade traditional tools.
Prior to founding runZero, HD held leadership positions at Atredis Partners, Rapid7, and BreakingPoint. HD has also been a frequent speaker at industry events such as Black Hat and DEF CON. HD’s professional journey began with exploring telephone networks, developing exploits for the Department of Defense, and hacking into financial institution networks.
The Missing Layer in Zero Trust: The Security Policy Control Plane – Jody Brazil – RSAC26 #2
Zero Trust has become the dominant security architecture for hybrid and cloud environments, but many organizations are discovering that deploying enforcement technologies alone does not deliver operational control. Firewalls, cloud security groups, and microsegmentation platforms enforce access decisions, yet the policies behind those controls are often fragmented, difficult to validate, and constantly changing. In this conversation, FireMon CEO Jody Brazil discusses why modern security architectures increasingly require a security policy control plane: a layer that continuously validates how policy is enforced across firewalls, cloud networks, and segmentation platforms. The discussion explores why policy drift occurs in real environments, how enforcement systems become difficult to coordinate at scale, and what organizations must do to ensure Zero Trust policies remain consistent as infrastructure evolves.
Segment Resources:
FireMon — Policy is Power https://www.firemon.com FireMon Insights https://www.firemon.com/products/insights FireMon + Illumio Integration https://www.firemon.com/integrations/illumio SC Awards Finalists https://www.scworld.com/sc-awards-finalists
This segment is sponsored by FireMon. Visit https://securityweekly.com/firemonrsac to learn more about them!
Read the interview summary from SC Media here: Firemon’s Jody Brazil on the security policy control plane
- - – RSAC 2026 Interview with FireMon CEO Jody Brazil
- - – The Missing Layer in Zero Trust Explained
- - – Why Zero Trust Creates New Security Challenges
- - – From Chaos to Control: Security Policy Fundamentals
- - – Network Segmentation & Complexity in Modern Enterprises
- - – Managing Billions of Access Paths Across Firewalls
- - – Multi-Cloud & Hybrid Network Policy Challenges
- - – What is the Security Control Plane?
- - – Visibility First: Understanding Your Network Access
- - – Cleaning Up Legacy Firewall Rules & Security Gaps
- - – Visualizing Network Security & Policy Enforcement
- - – Policy vs Technology: Why Policy Still Wins
- - – Agentic AI Risks & Security Policy Implications
- - – Reducing Risk & Blast Radius with Network Security
- - – When Security Breaks: Why Teams Disable Controls
- - – Automating Security Operations & Access Requests
- - – Scaling Security Without Breaking the Business
Jody Brazil is the Founder and CEO of FireMon and the original visionary behind the Network Security Policy Management (NSPM) category. Since co-founding FireMon in 2004, Jody has been at the forefront of firewall policy and change management innovation. Following his tenure as founder of the cloud-security platform DisruptOps, he returned to lead FireMon in 2021. Today, he focuses on helping enterprises maintain a unified control plane, automating security policies across hybrid-cloud infrastructures to ensure continuous compliance and operational integrity
Breach Readiness for Measurable Risk Reduction in the Age of AI – Rajesh Khazanchi – RSAC26 #2
Cyber leaders no longer debate whether a breach will occur. What has changed is the speed and scale at which AI now enables those breaches. The real question is how far an attacker can move once inside. In this conversation, Rajesh Khazanchi explores why breach readiness, including AI-assisted containment, measurable blast radius reduction, and pervasive microsegmentation, has become mission-critical for business continuity in 2026.
Segment Resources:
https://colortokens.com/products/xshield-microsegmentation-platform/
This segment is sponsored by ColorTokens. Visit https://securityweekly.com/colortokensrsac to learn more about them!
Read the interview summary from SC Media here: ColorTokens’ Rajesh Khazanchi on breach readiness for measurable risk reduction in the age of AI
- - – RSAC 2026 Interview with ColorTokens CEO Rajesh Khazanchi
- - – Breach Readiness Explained: Why It Matters in Cybersecurity
- - – Why Breaches Are Inevitable in Modern Enterprises
- - – Microsegmentation: The Key to Containing Cyber Attacks
- - – Zero Trust & Microsegmentation Core Principles
- - – Identity-Based Attacks vs Traditional Cyber Threats
- - – Why You Must Assume Breach in 2026
- - – Real-World Example: Containing Attacks Across 3300 Locations
- - – Cloud, Hybrid Networks & Expanding Attack Surfaces
- - – Incident Response & Recovery Strategies (Hospital Case Study)
- - – Data Encryption Risks & Backup Challenges
- - – Why Security Tools Alone Are Not Enough
- - – OT Security Risks: HVAC, Medical Devices & Critical Systems
- - – Reducing Blast Radius with Layered Segmentation
- - – Hotel Security Analogy: Understanding Microsegmentation
- - – Why Security Testing & Simulations Are Critical
- - – Tabletop Exercises vs Real Cybersecurity Drills
- - – Common Security Failures (Firewalls, Misconfigurations)
- - – Building a Practical, Resilient Cybersecurity Strategy
Rajesh Khazanchi is the CEO and Co-Founder of ColorTokens, Inc., a Bay Area cybersecurity company pioneering the global shift to Zero Trust security architectures. With over 25 years of leadership across enterprise security, cloud infrastructure, and product innovation — and 8 granted patents — he is recognized as a technology visionary who transforms bold ideas into enterprise-grade platforms that shape the future of cybersecurity.
At ColorTokens, Rajesh has advanced the company’s mission of delivering Zero Trust Microsegmentation and breach readiness at scale, building a trusted partner ecosystem with Fortune 500 enterprises, global system integrators, and managed service providers. The company’s flagship platform, Xshield, has been consistently recognized by Gartner, Forrester, and GigaOm as a leader in Zero Trust MicroSegmentation. Over the last 10 years journey at ColorTokens, he also acquired two security companies – PureID and Cognore.
Previously, Rajesh held senior leadership roles at VMware, HP, and Oracle, where he drove global product innovation, large-scale enterprise adoption, and next-generation security products and solutions. These experiences gave him a unique perspective on aligning technology with business transformation — a principle that continues to anchor ColorTokens’ customer-first approach.
A recognized thought leader and innovator, Rajesh regularly engages with C-Level and Fortune 500 executives worldwide, shaping strategies that position security not just as protection, but as a strategic enabler of resilience, agility, and growth in the digital era.
How We Achieve Agentic Outcomes in CyberSecurity: The “Do-It-For-Me” Mobile Defense – Tom Tovar – RSAC26 #2
If you look at things like deepfakes, synthetic identity, social engineering, and new malware variants coming to market, it's safe to say - the attackers have a first-mover advantage in using AI. Empowered and accelerated by AI, the volume and variety of threats are growing faster than the current cyber stack can address. Against this backdrop, another shift is happening inside the enterprise. Organizations are moving away from “do-it-yourself” delivery models (more tools, more alerts, more headcount) to “do-it-for-me” agentic AI delivery models (using platforms that unify data, execute policy, and automate outcomes). The emphasis outside of cyber is on empowering the expert human-in-the-loop—so teams spend less time in the noise and more time delivering business outcomes. This segment explores how cybersecurity leaders can make the most of the AI Age, leveraging it for good while staying relevant amid the explosive AI adoption curve.
This segment is sponsored by Appdome. Visit https://securityweekly.com/appdomersac to learn more about them!
Read the interview summary from SC Media here: Appdome’s Tom Tovar on how to achieve agentic outcomes in cybersecurity
- - – RSAC 2026 Intro & Appdome Overview
- - – What Are Agentic Outcomes in Cybersecurity?
- - – AI Agents as a Workforce: The Future of Security
- - – Human vs AI: Elevating the Security Role
- - – Automating Repetitive Tasks with AI Agents
- - – Mobile App Security Challenges Explained
- - – Risks of Over-Reliance on AI in Enterprises
- - – Building an Agentic Security Strategy
- - – Why Defense is Perfect for AI Automation
- - – Raising the Security “Floor” with AI
- - – App Security Standards in the Age of AI
- - – Protecting Users: Mobile Apps, Fraud & Data Risks
- - – Infinite Attackers vs Finite Defenders Problem
- - – Using AI to Scale Cyber Defense
- - – The Future of Agentic Cybersecurity
Tom Tovar is the co-creator and CEO of Appdome, a one-stop shop for mobile app defense. He’s a self-taught product creator, mobile app coder, hacker. He’s serves as product advisor on several venture funded cyber companies, and previously as executive chairman of Badgeville, an enterprise digital motivation platform acquired by CallidusCloud, in several executive positions, including CEO, of Nominum, an intelligent-DNS security and services provider that was acquired by Akamai, and chief compliance officer, and operational executive in charge of business and corporate development, legal and channel at Netscreen Technologies acquired by Juniper Networks for $5B. He began his career as a corporate and securities attorney with Cooley Godward LLP. Tovar holds a JD from Stanford Law School and a BBA in finance and accounting from the University of Houston.
Know Your AI Agents Through Visibility, Control, and Accountability – Matt Immler – RSAC26 #2
AI agents are rapidly embedding into core enterprise workflows with broad access to sensitive systems and the ability to act autonomously, creating new challenges for security leaders tasked with enabling innovation while maintaining control. In this interview, Matt Immler will discuss why organizations must know about every agent operating in their environment and how to bring those agents under governance.
This segment is sponsored by Okta. Visit https://securityweekly.com/oktarsac to learn more about them!
Read the interview summary from SC Media here: Okta’s Matt Immler on knowing your AI agents through visibility, control, and accountability
- - – RSAC 2026 Intro & Okta Identity Overview
- - – Why Identity Security Is Evolving Beyond the “Front Door”
- - – Agentic AI vs Prompt-Based AI Explained
- - – What Is an AI Identity? (Non-Human Identities)
- - – Risks of Non-Deterministic AI Decision-Making
- - – Human vs AI Identity: Key Differences
- - – What Is a “First-Class Identity” for AI Agents?
- - – Applying Security Policies to AI Agents
- - – Guardrails for Agentic AI & Prompt Injection Risks
- - – Can AI Use Multi-Factor Authentication (MFA)?
- - – Authorization & Least Privilege for AI Systems
- - – Why Human-in-the-Loop Still Matters
- - – Future Risk: AI Creating Its Own Approvers
- - – Are AI Agents Becoming Digital Humans?
- - – Raising Kids in an AI-Driven World
- - – How Okta Detects AI vs Human Behavior
- - – Identifying AI Through Behavioral Patterns
- - – AI Using Human Credentials: Security Risks
- - – Stopping Unauthorized AI Access with Browser Controls
- - – Behavioral Security & Zero Trust for AI Identities
Matt Immler is the Regional Chief Security Officer for Okta in the Eastern Americas, where he leverages his Identity expertise to drive customer success. Matt’s background includes Auth0 Security and Compliance, in addition to previous roles in information security, network operations and software engineering.
Agentic AI and the Future of Threat Intelligence Operations – Sachin Jade – RSAC26 #2
Security teams collect large volumes of threat intelligence but often struggle to translate that information into coordinated operational response. This discussion explores how organizations are embedding intelligence directly into security workflows and introducing AI agents to support investigation, enrichment and response.
Sachin will discuss Cyware’s Agentic Fabric approach and the evolution toward an agent-centric model, where a portfolio of specialized agents assists analysts across threat intelligence, detection engineering and response workflows. The conversation will focus on how AI can support security teams while maintaining human oversight and operational control.
Segment Resources:
https://cyware.com https://cyware.com/unified-threat-intelligence-management https://www.cyware.com/quarterback-ai
This segment is sponsored by Cyware. Visit https://securityweekly.com/cywarersac to learn more about them!
Read the interview summary from SC Media here: Cyware’s Sachin Jade on agentic AI and the future of threat intelligence operations
- - – RSAC 2026 Intro & Cyware Overview
- - – What Is Threat Intelligence Operationalization?
- - – Turning Raw Threat Data into Actionable Insights
- - – Why Contextualized Threat Intelligence Matters
- - – STIX/TAXII & Building a Complete Threat Picture
- - – Mapping Threat Intelligence to Attack Chains
- - – Using Asset Inventory for Better Threat Detection
- - – Can AI Replace Threat Intelligence Platforms?
- - – Introducing Cyware’s Agentic AI Platform
- - – Predicting Attacker Behavior & Next Moves
- - – Proactive Cybersecurity vs Reactive Defense
- - – The Rising Cost of Cyber Threats (Trillions Impact)
- - – Why AI Is Changing Cybersecurity Forever
- - – Collective Defense & ISAC Threat Intelligence Sharing
- - – From Alerts to Action: Automated Response
- - – What Is Automated Remediation in Cybersecurity?
- - – Human-in-the-Loop vs Full Automation
- - – Building Trust in AI-Driven Security Systems
- - – Simulating Attacks & Measuring Blast Radius
- - – Risk-Based Security & Decision Making
- - – From Tactical to Strategic Threat Intelligence
- - – Aligning Cybersecurity with Enterprise Risk
- - – Making Threat Intelligence Accessible for All Businesses
Sachin Jade is Chief Product Officer at Cyware, where he leads product strategy for the company’s threat intelligence and security operations platform. His work focuses on helping organizations operationalize threat intelligence by integrating intelligence workflows directly into detection and response environments.
Sachin works with enterprises, government organizations and information sharing communities to advance automation, intelligence collaboration and the practical application of AI within security operations.
RSAC 2026 Trends: Agentic AI, AI Identity & The Future of Cybersecurity – RSAC26 #2
Doug White and Josh Marpet break down the highlights from day two at RSAC 2026, reflecting on the conversations, themes, and insights emerging from the show floor. From evolving security challenges to real-world perspectives, they share what stood out and what’s worth paying attention to as the week continues.
To view all the RSAC Conference 2026 coverage by CyberRisk Alliance, visit: https://securityweekly.com/rsac
- - – RSAC 2026 Day 2 Recap Begins
- - – Inside the Massive RSAC Expo Floor
- - – Navigating the Cybersecurity “Maze” (and Chaos)
- - – Agentic AI: The Buzzword of RSAC 2026
- - – What RSAC Expo is REALLY Like (First-Time Experience)
- - – Wild Booths: Wrestling Rings, Gimmicks & Marketing
- - – Why the Expo Floor Reveals Industry Trends
- - – Key Trend #1: Agentic AI in Cybersecurity
- - – Key Trend #2: AI Identity & Security Guardrails
- - – The Rise of “AI as Human Identity” Concept
- - – Treating AI as First-Class Identities Explained
- - – Reputation vs Identity in AI Security
- - – Zero Trust & AI: Why It’s Accelerating Now
- - – Why Executives Are Investing in Agentic AI
- - – The Risk of AI with Unlimited Access
- - – The Future of AI Security (Are We Too Late?)
- - – Final Thoughts: RSAC Trends & What’s Next
