What RSAC 2026 Got Right — and What Everyone Missed

Last week, every major security vendor at RSAC announced their answer to agentic AI governance.

Cisco launched DefenseClaw. Check Point unveiled the AI Defense Plane. CrowdStrike, Palo Alto, and Microsoft all shipped agent security features. Geordie AI — four months old — won Most Innovative Startup for agent discovery and monitoring.

The consensus was clear: autonomous AI agents are a security risk, and the industry is building the tools to watch them.

Here's what nobody showed on stage:

How to decide what an agent should do before you monitor what it does.

63% of organizations can't enforce purpose limitations on their agents. 60% can't terminate one that's misbehaving. 55% can't even isolate them from the broader network. And 90% are pressuring security to loosen identity controls to go faster.

Every vendor at RSAC is building the alarm system. Nobody is building the blueprint.

An alarm tells you when something goes wrong. A blueprint designs the building so things are less likely to go wrong in the first place. The alarm is necessary. But it's not sufficient.

Before you can enforce purpose limitations, someone has to define purpose limitations. Before you can terminate a misbehaving agent, someone has to define what "misbehaving" means — for that specific workflow, in that specific context.

That's governance methodology. Not monitoring. Not dashboards. Not compliance audits after the fact.

The methodology that says: this agent can do these three things, cannot access these systems, must escalate these decisions to a human, and here's what "success" looks like — encoded in rules the agent can actually follow.

RSAC proved the industry agrees there's a problem. The next question is harder: who builds the intent layer that tells all these beautiful monitoring tools what they're supposed to be looking for?

The wire is live. The question is whether anyone designed the path before the current started flowing.