As hundreds of vendors descend on San Francisco for the RSAC 2026 Conference, the sheer volume of news can be overwhelming. To help you navigate the noise, SecurityWeek is providing a daily digest of the most significant announcements.
Below is our curated roundup of the essential product and service updates from the days leading up to the event.
1Password launches unified access platform to help companies securely deploy AI agents
1Password announced 1Password Unified Access, a new agent security platform that enables organizations to securely deploy AI agents and automated workflows without losing control of credentials, secrets, and machine identities. Unified Access gives AI builders the ability to discover, secure, and audit access at the moment it occurs. At launch, 1Password is collaborating with Anthropic, Cursor, GitHub, Perplexity, and Vercel, as well as other category leaders in AI infrastructure, AI developer tools, MCP gateways, and AI browsers.
Action1 adds integrations with Rapid7, Tenable, CrowdStrike, and Microsoft
Action1 has announced new integrations between its endpoint management platform and four major vulnerability management and endpoint security tools from Rapid7, Tenable, CrowdStrike, and Microsoft. Each integration correlates vulnerability scan data from the respective platform with Action1’s endpoint inventory and automated patching capabilities. Additionally, Action1 introduced a universal vulnerability data ingestion feature that accepts exported scan data from any vulnerability management tool.
Arcjet adds prompt injection detection to its application-layer security platform
Arcjet has released a prompt injection protection capability that inspects and blocks malicious prompts before they reach AI models. Rather than relying on the model itself to resist adversarial input, enforcement happens earlier in the request path, where full application context (such as identity, session state, and routing) is available. The feature integrates with Arcjet’s existing controls, including bot detection, rate limiting, and sensitive information detection.
Bonfy launches data security platform for AI agents and enterprise GenAI workflows
Bonfy has released Adaptive Content Security (ACS) 2.0, a platform designed to monitor and control how sensitive data is accessed and handled by AI agents, copilots, and unsanctioned AI tools. It covers a broad range of systems (Microsoft 365, Google Workspace, Salesforce, Slack, AWS S3, and on-premises file stores) and introduces an MCP server interface that allows AI agents to label and risk-score content before it reaches external services. A browser extension provides real-time inspection of web traffic to detect shadow AI usage. The platform also adds a ‘data surface visibility’ view that maps where sensitive content resides across an organization’s data stores and tracks how employees and agents interact with it.
Booz Allen Hamilton launches Vellox AI-native cyber defense suite
Booz Allen Hamilton launched Vellox, a suite of five AI-native cybersecurity tools covering malware analysis, detection engineering, adversary emulation, compliance monitoring, and autonomous remediation. Vellox Reverser (generally available) automates malware reverse engineering to produce defensive recommendations; Vellox Ranger (limited preview) autonomously maps customer environments to generate tailored detection logic; and Vellox Striker (limited preview) emulates AI-powered attackers to stress-test defenses. Vellox Navigator (real-time compliance monitoring) and Vellox Responder (autonomous remediation across cloud and infrastructure) are announced but not yet available.
Cobalt expands its offensive security platform with new AI capabilities and managed program service
Cobalt announced two additions to its Offensive Security Platform: new AI-driven pentesting capabilities and a Security Program Manager service. On the AI side, the platform now automates reconnaissance, vulnerability discovery, credential validation, and finding deduplication. The Security Program Manager is a dedicated human expert who handles scheduling, remediation tracking, and asset inventory management for enterprise-scale pentesting programs, and produces executive-ready reporting from technical findings.
Druva launches Identity Resilience to cover Okta, Active Directory, and Entra ID
Druva Identity Resilience extends the company’s data security platform to include identity protection and recovery across Okta, Microsoft Active Directory, and Microsoft Entra ID in a single SaaS platform. Rather than treating identity as a static list of directory objects, the platform models it as a continuously evolving state (tracking how permissions, relationships, and non-human identities change over time) to help teams reconstruct what happened during an incident and restore access to a known-good state.
Entro Security adds AI agent governance to identity platform
Entro Security has launched Agentic Governance & Administration (AGA), a new module that extends identity governance principles to AI agents and the non-human identities they use. AGA builds a profile for each agent by correlating its sources (endpoint telemetry, agent foundries, cloud environments, MCP servers), the enterprise assets it accesses, and the identities it relies on. It also provides MCP activity monitoring and policy enforcement.
Graylog adds threat prioritization, automated investigations, and MCP server to SIEM
Graylog announced three new capabilities for its SIEM platform. A threat prioritization engine groups related alerts using entity context, asset criticality, vulnerability data, and threat campaign intelligence to surface high-priority incidents and suppress noise. Context-aware incident response workflows automate evidence collection and generate AI-driven step-by-step response recommendations. An open MCP server connects compatible LLMs to Graylog security data, enabling natural-language queries and agentic workflows such as automated triage, MITRE ATT&CK coverage mapping, and false-positive analysis.
Huntress adds endpoint and identity security posture management to platform
Huntress has launched Managed Endpoint Security Posture Management (ESPM) and Managed Identity Security Posture Management (ISPM) as new additions to its platform. Managed ESPM controls which applications can run on endpoints, integrates with Microsoft Defender for Endpoint for vulnerability prioritization and remediation, and generates compliance-ready reports. Managed ISPM applies expert-built policies to Microsoft 365, continuously checks for misconfigurations, and automatically rolls back unauthorized changes within minutes. Both products are currently in Early Access, with general availability expected by summer 2026.
Nagomi Security expands platform with agentic exposure remediation and verification
Nagomi Security has launched Agentic Exposure Ops, which extends the platform’s focus from exposure visibility to automated remediation. Agents investigate exposures by correlating vulnerability data, control telemetry, and threat signals across domains, then route remediation tasks to the appropriate owners with contextual tickets. Once a fix is applied, the agents continuously re-verify that the closure holds as environments change, producing evidence at each stage of the detect-investigate-remediate-verify loop.
Opal Security launches Paladin, OpalScript, and OpalQuery for AI-native access governance
Opal Security has introduced three new capabilities forming a closed loop for access governance. Paladin is an AI access evaluation agent that sits directly in the approval chain, reviews requests against the requester’s history, resource sensitivity, and referenced project tickets, and either approves or escalates them. OpalScript is a Python-like policy language that lets teams codify access rules as executable automations (such as separation-of-duties enforcement or time-limited access grants). OpalQuery allows security and GRC teams to interrogate the organization’s identity and access graph using plain-language queries, with results exportable as audit evidence.
Orca Security adds AI agents and runtime AI detection to cloud security platform
Orca Security has announced four new capabilities for its platform. A Threat Investigation Agent automatically correlates signals across cloud environments and produces investigation reports with recommended containment actions, while an AppSec Triage Agent analyzes SAST findings to filter out false positives. Runtime AI Threat Detection identifies when workloads, identities, and processes interact with AI models, MCP servers, and third-party AI tools, providing visibility into how AI is being used at runtime and where sensitive data may be exposed. Orca also introduced code reachability analysis, which determines whether vulnerable code paths are actually invoked in running applications, and Orca Missions, which groups related findings into tracked remediation initiatives.
Onapsis unveils capabilities to unlock agentic AI SAP cybersecurity workflows
Onapsis announced Agentic Gateway, an Agentic AI for SAP cybersecurity, enabling organizations to interact with security and compliance data through natural language queries from their existing corporate-sanctioned AI platforms. Security teams can bridge the gap between complex SAP security telemetry and autonomous enterprise AI agents to optimize the full scope of Onapsis platform capabilities. The capability provides an MCP Gateway for SAP Security, Agentic workflows, Context-Aware Reasoning, Enterprise-Grade Privacy and Rapid ‘Shields-Up’ SAP Visibility for all users.
Panther releases AI SOC platform
Panther has announced the general availability of its AI SOC Platform, in which AI agents have native access to the platform’s data lake, detection engine, and organizational knowledge to investigate and triage alerts autonomously. A key architectural feature is closed-loop detection tuning: every triage outcome is fed back as a label that automatically adjusts detection logic over time. Other capabilities include an AI Detection Builder that converts natural-language threat hypotheses into Python-based detection rules, proactive threat hunting that runs scheduled analysis across the full data lake, and cross-tool context assembly via MCP integrations with identity providers, ticketing systems, and code repositories.
Pentera adds natural language AI interface to exposure validation platform
Pentera has released Pentera 8, which introduces Pentera Peer, a natural-language, agentic interface embedded directly into the platform’s adversarial testing workflow. The interface is context-aware, tailoring its outputs to the user’s role and organizational context, such as industry and geography. Pentera 8 is expected to reach general availability in Q2 2026.
Secure Code Warrior launches ‘SCW Trust Agent: AI’ for governance of AI-assisted development
Secure Code Warrior has unveiled ‘SCW Trust Agent: AI’, which provides commit-level visibility into which LLMs (both sanctioned and shadow AI tools) influenced specific code commits, and correlates that AI usage with vulnerability exposure and developer skill levels to enforce policy before code reaches production. It also tracks active MCP servers to prevent AI agents from accessing internal tools or databases through unvetted connections.
Sevii launches Autonomous Proactive Security module
Sevii has released an Autonomous Proactive Security (APS) module as an expansion of its Autonomous Defense and Remediation (ADR) platform. APS continuously ingests threat intelligence from external partners, open source feeds, and attack data generated within a customer’s own environment, then autonomously generates and executes hunting hypotheses and remediation actions. The platform deploys agentic Cyber Warrior agents to the edge of enterprise networks to process and act on detections across endpoint, identity, and cloud environments.
Simbian unifies SOC, threat hunting, and pentesting
Simbian has announced a unified security operations platform anchored by the Simbian Context Lake, a shared intelligence layer that stores an organization’s environment data, past investigation decisions, and institutional knowledge to inform multiple AI agents. The platform brings together three agents (an AI SOC Agent for alert triage and response, an AI Pentest Agent for automated penetration testing, and an AI Threat Hunt Agent in private preview) that share findings with each other in real time, so a vulnerability uncovered during a pentest can automatically elevate the priority of a related SOC alert. The platform integrates with over 90 security tools and includes case management capabilities, with the SOC and Pentest agents generally available now.
Varonis launches Atlas, an end-to-end AI security platform
Varonis has released Atlas, a platform that covers the full AI security lifecycle (inventory, posture management, runtime guardrails, detection and response, compliance, and third-party risk) in a single solution. A key differentiator is its integration with the Varonis Data Security Platform, which enriches AI security findings with data sensitivity and access context so teams can understand not just what an AI system is doing but what sensitive data it can reach. An AI Gateway enforces real-time guardrails inline (blocking policy violations before they reach the model or downstream systems) while keeping all prompt and response telemetry within the customer’s own environment.
Veracode extends remediation engine for supply chain risks
Veracode has launched Fix for Software Composition Analysis (SCA), extending its existing AI-powered code remediation capability to cover vulnerabilities in open source dependencies. The solution performs contextual analysis of how third-party libraries interact with first-party code to avoid introducing breaking changes, then bundles all required configuration and source file modifications into a single, reviewable pull request delivered directly into the developer’s Git environment. Automated fixes are grounded in a proprietary, human-verified vulnerability database. The product is currently in Early Access.
Vicarius launches vIntelligence for continuous exposure validation and closed-loop remediation
Vicarius has launched vIntelligence, a new flagship product that adds continuous exposure validation and agentic orchestration to complement its existing vRx remediation platform. vIntelligence is a new engine built to solve the assurance gap by continuously validating risk across fragmented security data, turning raw findings into actionable guidance. vIntelligence combines its own validation engine with an agentic AI layer, enabling teams to query their environment in natural language, generate custom validation logic, identify detection gaps, and recommend remediation actions, all within a human-in-the-loop model.
