A crisis is a terrible thing to waste, said Stanford economist Paul Romer. That is certainly the case with AI and cybersecurity.
CHONGQING, CHINA – FEBRUARY 07: In this photo illustration, a smartphone displays the logo of Palo Alto Networks, Inc. (NASDAQ: PANW), an American cybersecurity company providing network security, cloud security and endpoint protection solutions, in front of a screen showing the company’s latest stock market chart on February 7, 2026 in Chongqing, China. (Photo illustration by Cheng Xin/Getty Images)
Getty Images
At the RSAC cybersecurity conference here in San Francisco last week, the arrival of agentic AI gave the community plenty to talk about, with practitioner advocates pointing out that AI acts as an accelerant for cyberthreats.
Meanwhile, incumbent vendors as well as startups piled on with potential solutions to the cybersecurity risks generated by AI, including specifically agentic AI.
The context of RSAC was interesting, with many cybersecurity stocks selling off last week—and Friday in particular—as rumors about new AI cybersecurity tools being released by Anthropic hit the market.
Let’s dive into everything i saw at RSAC.
AI Is a ‘Compounding Factor’
Software vendors and practitioners described a daily battle to push back on boards and CEOs who want to aggressively deploy AI, while they struggle to implement it safely.
“Nobody thinks about security when they create code,” said Tom Pace, cofounder and CEO of supply-chain cybersecurity company NetRise. Pace, who spent 16 years as a cybersecurity practitioner in roles at enterprises as diverse as PNC Bank, the Strategic Petroleum Reserve and the U.S. Marine Corps, believes that because AI speeds up the creation of software, it will accelerate threats posed by software around the world.
“There is no piece of software on the planet that doesn’t have an issue,” said Pace. “In the near term, AI makes the problems orders of magnitude bigger. It is a negative compounding factor.”
In presentations and RSAC talks, similar concerns were struck.
“Every day there is news now where agents are doing something funky with enterprise data,” said Rehan Jalil, president of products and data with Veeam Software, in an RSAC presentation. “Whether it’s exposing sensitive data or deleting data … or deleting an entire repo of data. It’s happening.”
In the same session, Michael Dolan, vice president and chief privacy officer of Best Buy, said that the power and potential risks of AI demand an entirely new way of thinking about things.
“The whole way we are thinking about security and governance is different,” said Dolan.
Agentic AI and Supply Chain Risks
Software vendors are busy rolling new new products and features to address the growing risks. Key themes at RSAC included implementing safe identity, governance, agentic AI security and supply-chain trust.
Vin Sharma, cofounder and CEO of AI security company Vijil, told me that enterprises are struggling to ensure safe agentic operations: “Enterprises have a pattern to getting close to adoption, then pulling back. Enterprises worry about three things: 1. Is it reliable? 2. Can I protect it—I don’t want it to be hijacked; and 3. In the event that it fails, what is the blast radius.”
Feross Aboukhadijeh, founder and CEO of Socket, a company focused on securing AI code, told me that as AI-generated code propagates, the risks of the software supply chain are skyrocketing.
“We are seeing all sorts of attacks,” said Aboukhadijeh. “It’s not like humans did a good job of vetting code, but now agents are doing it, and they are accelerating. It’s the same trend, only fifty percent more third-party code being brought in.”
Socket has raised a total of $65 million, led by Abstract Ventures with participation from Andreessen Horowitz (a16z) and others. It is using the funding to expand engineering teams, enhance AI-driven security features and scale operations
Cisco and Others Respond
The market leaders pumped out a steady stream of announcements to respond to the trends, including agentic AI defense solutions and more sophisticated identity products, which can authenticate not only humans but machines.
Cisco announced Identity Intelligence and DefenseClaw, in which Cisco implements active scanning of identity, actions, MCP servers and assets.
Jeetu Patel, Cisco’s president and chief product officer, touted Cisco’s growing role in a keynote address Monday, which he also detailed in his blog. Patel said that in a Cisco survey of major enterprises, 85% reported having AI agent pilots underway. Only 5% had moved those agents into production.
“That 80-point gap isn’t skepticism about AI’s potential,” wrote Patel in his blog. “It’s a rational response to a genuine security problem. Organizations can see what agents can do. They’re not sure yet they can trust them to do it safely.”
Patel added, “with a chatbot, the worst case is a wrong answer,” previewing the keynote on Monday. “With an agent, the worst case is a wrong action, and some actions can’t be undone.”
Microsoft launched new identity features in Entra ID to track and control agent behavior, alongside guardrail previews in Microsoft Foundry.
SentinelOne unveiled a batch of new offerings, including Prompt AI Agent Security, a real-time governance control plane designed to monitor and remediate unauthorized agentic actions.
Data management giant Databricks looked to boost its security credentials with Lakewatch, an agentic SIEM tool powered by Anthropic’s Claude models. This launch is targeted at SOC infrastructure.
Just prior to the conference, Futuriom 50 company and identity security specialist Teleport announced Beams. Beams are trusted runtime environments that provide secure, isolated infrastructure access for AI agents.
AI Software Threat in the Background
Ironically, RSAC kicked off with a steep selloff in popular cybersecurity stocks such as CrowdStrike and Palo Alto Networks, after AI leader Anthropic announced new agentic AI features to accompany its February launch of cybersecurity tools, including Claude Code Security. This selloff accelerated on Friday after the conference closed, with the rumors that Anthropic’s Claude “Mythos” model will include new autonomous threat detection capabilities.
Shares of Palo Alto Networks have been under selling pressure all year and lost about 4% on the week, despite launches at RSAC, including their launch of a secure Web browser, the Prisma Browser for Business, targeted at small and medium businesses.
Likewise, CrowdStrike, an investor favorite in the industry, has been in a downtrend, losing 16% of its value so far this year.
Some Wall Street analysts have called the descent a buying opportunity in many cybersecurity stocks, but this week’s selloff came as a bit of a downer on a week that is expected to pump up the industry.
That didn’t slow down the flow of venture capital, as cybersecurity continues to be a fertile area for funding. Some key funding announcements:
- A week prior to RSAC, Cloaked announced a gargantuan $375 million round to expand its enterprise-grade privacy platform. Cloaked has products for both consumers and enterprises targeting data security and privacy, but it looks like this recent round will help it expand its enterprise offerings, which include data cleanup, secure identities and encrypted password management.
- Surf AI launched with $57 million in funding for its agentic security operations platform. The round was led by Accel, with participation from existing investors Cyberstarts and Boldstart Ventures. Surf AI says it will operationalize security with a single agentic platform that connects the business context and data scattered across an organization’s systems. The platform reads signals from identity, cloud, security, data, HR and IT tools to build a living context graph that links assets, owners, permissions and dependencies.
- Above Security, a Tel Aviv, Israel-based AI-native agentic managed insider threat platform, has emerged from stealth and announced $50 million in funding. The round was led by Ballistic Ventures, Merlin Ventures and Norwest, with participation from Jump Capital and QPV Ventures.
- Futuriom 50 company Eclypsium, which specializes in hardware and AI infrastructure protection, has raised an additional $25 million in financing. The round was led by PEAK6 Strategic Capital, with participation from a top-three U.S. bank. Previous backers include Ten Eleven Ventures, Andreessen Horowitz, Pavilion Capital (Seviora Group), Qualcomm Ventures and Madrona Ventures.
- Native announced on Tuesday that it raised $42 million in total funding as it emerged from stealth, addressing the growing challenge of enforcing security policies across multi-cloud environments. The latest raise is a $31 million Series A led by Ballistic Ventures, with participation from General Catalyst, YL Ventures and Merlin Ventures. Phil Venables, former CISO of Google Cloud and now a venture partner at Ballistic Ventures, has joined Native’s board of directors.
In summary, the AI security crisis is big business. With agentic AI rising to top-of-mind in boardrooms across the world, cybersecurity professionals will be scrambling to implement new tools and architectures to tame the chaos. Keep an eye out for more autonomous SOCs, identity security and MCPs to be pumped out on a regular basis. But investors will continue to look at developments from the AI community, as they launch their own tools competing with traditional cybersecurity vendors.
Futuriom provides paid research and marketing services to technology companies, with the goal of providing accurate insight into how cloud and AI infrastructure markets are evolving. These services include subscription research, custom research, and report sponsorships. In the past twelve months, Futuriom has had a research relationship with several of the companies mentioned in this article, including Cisco, Eclypsium, and Teleport. The author holds no positions in individual technology stocks mentioned in this article.
