AI Goes Rogue? RSAC 2026 Day 2 Unmasks a Security Arms Race
From autonomous red teaming to AI-native risk platforms, Day 2 at RSAC 2026 reveals a cyber battleground where both attackers and defenders are letting algorithms take the wheel.
The second day of the RSAC 2026 Conference in San Francisco wasn’t just a showcase of shiny new security tools - it was a glimpse into a future where artificial intelligence is both the sword and the shield. As hundreds of cybersecurity vendors vied for attention, one message rang clear: the line between attacker and defender is blurring, with autonomous agents and AI-powered platforms rapidly changing the rules of engagement.
Fast Facts
- Autonomous red teaming, agentic pentesting, and AI-powered risk assessment tools dominated major announcements.
- Vendors like CrowdStrike, Cyera, and Tenable unveiled new AI engines to automate threat detection, data security, and vulnerability management.
- AI threats against cloud, SaaS, and collaboration tools - especially Microsoft Teams and Google Workspace - are top concerns for 2026.
- Supply chain security and open source component risk remain in the spotlight, with new tools for real-time monitoring and provenance tracking.
The buzzword this year is “agentic” - referring to AI systems that act autonomously, not just crunching data but making decisions and executing actions. Offensive security firms like Assail and Hadrian introduced platforms that simulate real-world attacks without human intervention. Assail’s Ares and Hadrian’s Nova promise relentless, adaptive red teaming that can uncover chained vulnerabilities and escalate privileges - effectively automating what used to require a squad of human pentesters.
On the defensive front, the AI arms race is just as fierce. CrowdStrike’s new Falcon Data Security and Agentic MDR solutions aim to spot and stop data theft in real time, while Cyera’s Browser Shield targets the rising threat of AI prompt injection attacks. Living Security’s AI-native platform takes things a step further, managing risks posed by both human employees and the growing population of AI agents operating in hybrid workforces.
Collaboration and cloud platforms are now prime battlegrounds. Huntress and KnowBe4 have expanded their detection tools to Google Workspace and Microsoft Teams, respectively, responding to the surge in phishing and identity attacks within business communication channels. Meanwhile, Zscaler’s latest research highlights the fragility of VPN infrastructure, with over half of surveyed organizations suffering VPN-related incidents and having little confidence in their ability to stop AI-driven threats.
Supply chain and open source risk remain urgent. NetRise’s Provenance tool and Eclypsium’s upgraded platform offer continuous monitoring and insight into the origins and health of the software components businesses rely on - critical as attackers increasingly exploit weaknesses in third-party code.
Even the human layer isn’t spared. Darktrace and KnowBe4 are pushing real-time, AI-driven security awareness, including deepfake simulations using an organization’s own leaders, to train employees against a new breed of social engineering.
The RSAC 2026 Day 2 announcements paint a picture of a cyber landscape where AI is both the greatest threat and the most powerful defense. As algorithms become more autonomous, the challenge for security teams is no longer just about keeping up - it’s about staying ahead of intelligent adversaries, both human and artificial, in an arms race that’s only accelerating.
WIKICROOK
- Agentic AI: Agentic AI systems can independently make decisions and take actions, operating with limited human oversight and adapting to changing situations.
- Red Teaming: Red Teaming involves ethical hackers simulating attacks on systems to uncover vulnerabilities and strengthen an organization’s cybersecurity defenses.
- Prompt Injection: Prompt injection is when attackers feed harmful input to an AI, causing it to act in unintended or dangerous ways, often bypassing normal safeguards.
- Supply Chain Security: Supply chain security ensures that all parts of a product or service’s journey are protected from cyber threats, tampering, and foreign control.
- Managed Detection and Response (MDR): Managed Detection and Response (MDR) provides outsourced cybersecurity experts and tools to monitor, detect, and respond to threats for organizations.