Management & Strategy RSAC 2026 Conference Announcements Summary (Day 1) A summary of the announcements made by vendors on the first day of the RSAC 2026 Conference. By SecurityWeek News | March 24, 2026 (11:57 AM ET) Flipboard Reddit Whatsapp Whatsapp Email As hundreds of vendors descend on San Francisco for the RSAC 2026 Conference, the sheer volume of news can be overwhelming. To help you navigate the noise, SecurityWeek is providing a daily digest of the most significant announcements. Below is our curated roundup of essential product and service updates, along with reports from the first day of the event. A roundup of announcements from the days leading up to the conference is also available. Acalvio releases cyber deception framework Acalvio has released 360 Deception, a cyber deception framework designed to break AI-driven attack automation. By incorporating 360 Deception into their existing tech stack, organizations will be able to disrupt AI-driven threat campaigns and expose malicious intent before compromise occurs. 360 Deception makes cyber defense dynamic and extends it to real assets. The platform creates a high-uncertainty environment that exposes attackers early by disrupting the stable ground truth that automated attack tools depend on. Apiiro expanding capabilities of its AI coding security agent Application security startup Apiiro announced that it is expanding the power of its AI coding security agent, Guardian Agent, with a new capability to identify security and compliance risks before code is ever written, called AI Threat Modeling. Apiiro AI Threat Modeling generates architecture-aware threat models from specs and tickets, enabling teams to identify and fix risks before code is written. By identifying risks earlier, teams can reduce rework, avoid late-stage delays, and keep development moving without adding new security bottlenecks. Advertisement. Scroll to continue reading. Arctic Wolf announces new Aurora platform and agentic SOC Arctic Wolf announced the availability of the new Aurora Superintelligence Platform, designed to accelerate the adoption of AI across cybersecurity. Built on a transformative agentic framework called the Swarm of Experts, the platform helps IT and security teams rapidly and confidently adopt Agentic AI to solve the trust and reliability challenges that have slowed adoption in cybersecurity. Arctic Wolf also announced the availability of the new Aurora Agentic SOC. Built on the Aurora Superintelligence Platform, the Aurora Agentic SOC combines Arctic Wolf’s Concierge Experience with turnkey agentic AI. Arctic Wolf also announced a partnership with cloud security firm Wiz to deliver a new integration between Wiz solutions and the Aurora Superintelligence Platform. ArmorCode and Purple Book Community release new research ArmorCode, in partnership with the Purple Book Community, released The State of AI Risk Management 2026, highlighting a growing “confidence gap” between perceived AI security readiness and actual operational risk. Based on a survey of more than 650 cybersecurity leaders, the report reveals that while 90% of organizations claim visibility into their AI footprint, 59% admit or suspect shadow AI is operating outside of governance processes. At the same time, 70% report vulnerabilities introduced by AI-generated code already making their way into production environments. Astrix adds AI agent discovery and policy enforcement to platform Astrix has expanded its platform with a four-method AI agent discovery architecture and a real-time policy engine designed to give security teams full visibility and control over AI agents running across the enterprise. Discovery is handled through four complementary approaches: direct integrations with AI platforms, non-human identity fingerprinting to surface shadow agents authenticating via credentials, telemetry ingested from existing endpoint and network sensors, and a bring-your-own-service option for homegrown or non-standard deployments. A new Agent Policies feature lets security teams define allow, flag, and block rules scoped by user, department, platform, and resource type, evaluated before an agent action executes. BeyondTrust expands capabilities across its Pathfinder Platform BeyondTrust has expanded capabilities across its Pathfinder Platform to deliver a unified approach to securing AI agent coworkers that operate alongside users, as well as autonomous AI workloads executing at scale across cloud and SaaS environments. New capabilities include endpoint privilege enforcement for AI coworkers, AI agent discovery and risk analysis, and secrets management for autonomous agents. The company also announced new threat research from BeyondTrust Phantom Labs, which found that the majority of enterprises are running shadow AI agents with privileged access that security teams cannot see or govern. Black Duck announces general availability of Signal Black Duck has announced the general availability of Black Duck Signal, an application security solution designed to secure AI-generated code and agentic development workflows. Signal delivers AI-native security designed to reason, validate, and remediate risk at the speed and scale of modern development. Built on an agentic architecture powered by multiple best-in-class LLMs and enhanced by Black Duck’s Context AI, Signal brings contextual security reasoning directly into development workflows. Broadcom launches Symantec CBX Broadcom has announced Symantec CBX (Carbon Black XDR), a cloud-based platform that merges capabilities from its Symantec and Carbon Black product lines into a single XDR solution. The platform combines Symantec’s prevention, Adaptive Protection, data security, Cloud SWG, and Incident Prediction features with Carbon Black’s EDR technology, providing coverage across endpoints, networks, and data. CBX uses AI to correlate signals across those attack surfaces into high-confidence incidents, and includes an Incident Prediction capability that attempts to forecast an attacker’s next four to five moves. Symantec CBX is expected to be available later this year. Cloud Security Alliance launches CSAI Foundation The Cloud Security Alliance (CSA) has established CSAI, a dedicated 501(c)3 non-profit foundation focused exclusively on AI security and safety, with a stated mission of securing the agentic control plane (covering identity, authorization, orchestration, runtime behavior, and trust assurance for autonomous AI agent ecosystems). CSAI builds on CSA’s existing AI Safety Initiative and will operate six programs: an AI Risk Observatory for threat intelligence and CVE tracking specific to agentic AI; best practices guidance covering identity-first controls, runtime authorization, and privilege governance for non-human actors; education and credentialing including three new TAISE certification tracks; a CxO collaboration program for enterprise security executives; and a global assurance program. Cisco extends Zero Trust Access to AI agents Cisco has introduced agent discovery in Identity Intelligence, agentic IAM capabilities in Duo, and Model Context Protocol policy enforcement with adaptive risk protection in Secure Access. These features enable registration of agents mapped to human owners, fine-grained task-based permissions, and routing of tool traffic through an MCP gateway for full visibility and governance. Cisco also released ‘AI Defense: Explorer Edition’ for self-serve red teaming of models and applications, including dynamic adversarial testing against prompt injection and jailbreaks. In addition, the company launched the open-source DefenseClaw framework for automated scanning, inventory, and sandboxing of agent skills and assets, as well as an Agent Runtime SDK for embedding policy enforcement at build time across major frameworks. Commvault announces expanded Microsoft Security integration Commvault announced an expanded integration with Microsoft Security to better connect threat detection with trusted recovery. The new integration uses Microsoft Sentinel, Microsoft Security Copilot, and the Commvault Cloud platform to streamline resilience operations and enable real-time data insights, helping organizations move quickly from identifying a threat to validating and restoring clean data faster with greater confidence. ConductorOne announces AI Access Management extension ConductorOne announced its AI Access Management product extension, a unified control plane for managing access to AI tools, agents, and MCP connections across the enterprise. The platform enables organizations to accelerate AI adoption while maintaining full visibility, policy enforcement, and compliance. Cribl adds background detection to Cribl Guard Cribl has introduced background detection for Cribl Guard, an AI-driven capability that continuously scans in-flight logs, traces, and events to identify previously unknown patterns of PII, secrets, and regulated data. The detection model runs entirely within Cribl Workers, meaning sensitive data is analyzed inside the customer’s own infrastructure rather than being sent to an external service. When a new pattern is detected, findings are surfaced in the Cribl interface with full event context, and security teams can convert a finding into an active Guard rule in a single action. CrowdStrike announces platform enhancements CrowdStrike announced new platform innovations that extend AI agent discovery, shadow AI governance, and runtime threat detection directly from the endpoint – the point of AI execution – to every surface where AI agents operate across SaaS, browser, and cloud environments. CrowdStrike also announced that its Falcon Next-Gen SIEM now ingests and correlates Microsoft Defender for Endpoint telemetry, enabling Microsoft endpoint customers to modernize security operations without deploying additional sensors. CrowdStrike also unveiled native Falcon Onum real-time data pipelines, federated search across third-party