As hundreds of vendors descend on San Francisco for the RSAC 2026 Conference, the sheer volume of news can be overwhelming. To help you navigate the noise, SecurityWeek is providing a daily digest of the most significant announcements.
Below is our curated roundup of essential product and service updates, along with reports from the second day of the event. Roundups of announcements from day 1 and the days leading up to the conference are also available.
Assail launches Ares autonomous red team platform
Offensive security firm Assail has launched Ares, an autonomous red-teaming platform designed to discover, chain, and exploit vulnerabilities across APIs, mobile applications, and web applications. Ares is a self-healing, self-teaching platform that autonomously adapts attack strategies in real time and requires no hands-on expertise to manage.
BlackCloak adds new capabilities to executive protection platform
BlackCloak has released three new capabilities for its Digital Executive Protection platform. Impersonation Protection, now enhanced with device-level biometric validation and geolocation signals, lets BlackCloak members authenticate the legitimacy of communications from other members in real time via the mobile app. Search Suppression complements the existing Data Broker Removal service by automatically suppressing a member’s PII from search engine results while broker removal requests are still being processed. Member Travel Advisory (coming this spring) delivers AI-synthesized, continuously updated risk analysis across cybersecurity, physical, geopolitical, and social dimensions for every country directly within the app.
ConductorOne announces new CrowdStrike integration
ConductorOne announced a new integration with CrowdStrike Falcon Next-Gen Identity Security that feeds live threat signals drawn from real-time detections, behavioral analytics, and threat intelligence directly into ConductorOne’s access governance workflows. Security teams can filter and prioritize high-risk identities during access reviews and approval decisions based on real-time activity, rather than risk scores. ConductorOne’s policy engine can also use those Falcon signals to automate responses and trigger a review, deny access, or revoke entitlements the moment risk levels shift.
Cyera launches Browser Shield and Data Lineage
Cyera has introduced a new suite of capabilities, including Browser Shield for AI and Data Lineage, to provide real-time visibility into how employees and autonomous agents interact with sensitive data. Browser Shield prevents data exposure at the prompt level within public AI models, while the Data Lineage tool automatically maps how agents move and transform files across their lifecycle. Additionally, the new Cyera MCP allows security teams to build their own data security agents to automate threat hunting and risk remediation using plain-language queries.
CrowdStrike launches cloud security innovations, Falcon Data Security, Agentic MDR
CrowdStrike announced new Falcon Cloud Security enhancements to help eliminate cloud risk through adversary-informed prioritization. Organizations can identify cloud exposures most likely to be exploited and their root causes, enabling faster remediation. CrowdStrike also introduced Falcon Data Security, a new data security solution that stops data theft across the agentic enterprise. Falcon Data Security discovers, classifies, and stops data theft in real time. The security giant also unveiled Agentic MDR for managed detection and response. Falcon Complete’s analysts build and deploy intelligent agents to automate high-friction security workflows and stop breaches.
Darktrace launches adaptive security awareness training and introduces MSSP offering
Darktrace has announced Adaptive Human Defense, which replaces scheduled security awareness training with behavioral AI-driven micro-coaching sessions delivered in real time as risks appear in a user’s inbox. Darktrace also unveiled an expansion of Darktrace / EMAIL to include full-message, cross-channel analysis across email, Microsoft Teams, Slack, and Zoom, enabling detection of blended social engineering campaigns across all four platforms, including prompt-injection threats targeting corporate AI assistants. The company also announced a new managed email security offering for MSSPs, built on Darktrace / EMAIL’s Self-Learning AI.
Drata has released three new agentic AI capabilities for its trust management platform. The first, Agentic TPRM Assessment (now generally available), automates vendor security reviews by autonomously accessing live evidence from Drata Trust Centers, evaluating controls against defined criteria, and generating findings, follow-ups, and executive reports. The second, Agentic Questionnaire Response (in beta), manages the full security questionnaire lifecycle from intake and drafting to SME collaboration and final delivery, with configurable human-in-the-loop controls. The third, AI Trust Center Creation, ingests a customer’s existing artifacts and quickly auto-generates a complete Trust Center preview.
Eclypsium expands supply chain security platform coverage
Eclypsium has released the Eclypsium Supply Chain Security Platform version 4.3. The latest version of the platform provides continuous monitoring of network edge devices for vulnerabilities, indicators of compromise, and unknown binaries that may harbor vulnerabilities and custom malware introduced via the IT supply chain.
GC Cybersecurity introducing 5th generation Autonomous Data Protection Platform
GC Cybersecurity has unveiled its 5th generation Autonomous Data Protection Platform. The new ISE Autonomous Data Protection Platform is designed to address the growing risk of sensitive data exposure across AI, cloud, and SaaS environments. Powered by agentic AI and a 5th generation cybersecurity architecture, the platform continuously discovers, classifies, and protects data in real time, going beyond traditional perimeter-based defenses.
Hadrian launches Nova agentic pentesting solution
Hadrian has released Nova, an agentic pentesting product that autonomously simulates offensive techniques against an organization’s external attack surface, including chaining vulnerabilities and escalating access across real assets. Testing is customer-scoped and repeatable on demand, with findings reviewed by human experts before delivery. Nova is priced per test and is available immediately.
KnowBe4 launches phishing alert button for Microsoft Teams and expands platform
KnowBe4 is extending its one-click Phish Alert Button (PAB) to Microsoft Teams, allowing users to report suspicious messages directly within the collaboration platform. The integration enables security teams to manage threats from both email and Teams within a single, streamlined workflow. KnowBe4 also expanded its Artificial Intelligence Defense Agents (AIDA) platform with deepfake training agents that generate custom, high-fidelity deepfake simulations featuring an organization’s own leaders to train employees on how to spot AI-generated impersonations.
Living Security launches AI-native platform to secure the hybrid workforce
Living Security announced the general availability of its AI-native Human Risk Management platform. Powered by the Livvy AI risk intelligence engine, the platform is designed to secure the “hybrid workforce” — both human employees and AI agents operating across enterprise systems. The platform analyzes behavioral signals across the workforce to identify risk, explain why it matters, and guide remediation before incidents occur.
Huntress expands ITDR coverage to Google Workspace
Huntress has expanded its Managed Identity Threat Detection & Response (ITDR) product to cover Google Workspace, adding to its existing Microsoft 365 coverage. The solution detects anomalous authentication activity, attacker-created Gmail inbox rules designed to suppress MFA notifications or hide security alerts, and logins from data center providers commonly associated with threat actors.
iCOUNTER introduces Counter Threat Operating System
iCOUNTER announced the general availability of its Counter Threat Operating System (CTOS), a new platform designed to introduce “compromise intelligence” as a control layer for third-party risk. The initial release includes CTOS-TPR, which detects early-stage adversary activity such as reconnaissance and targeting aimed at vendors and partners. By continuously monitoring threat activity and mapping it against an organization’s extended ecosystem, CTOS enables companies to identify and act on risks before they lead to breaches.
Miggo Security expands Runtime Defense Platform
Miggo is expanding its Runtime Defense Platform to protect AI and agentic environments, with new capabilities including AI-BOM, runtime guardrails and agentic detection and response. It tackles the fact that agents are making decisions dynamically at runtime, so security teams need visibility and protection where models, tools and data actually interact. The enhancement gives security teams visibility and control over AI agents, MCP toolchains and Shadow AI running in production.
NetRise launched Provenance, a new product that identifies risk associated with contributors to the open source components inside enterprise software and connected devices. Provenance adds a layer of trust and intelligence to the NetRise Platform, enabling teams to see a variety of project health signals, including advisory relationships and how compromises propagate through dependency graphs, defining a blast radius from a malicious contributor.
Novee introduces autonomous AI red teaming for LLM applications
Novee has launched autonomous AI red teaming for LLM applications, designed to uncover flaws in chatbots, copilots, and agents. It tests for real AI-specific attack paths such as prompt injection, jailbreaks and agent manipulation rather than relying on traditional appsec approaches that were not built for AI behavior.
Nudge Security adds new AI agent discovery capabilities
Nudge Security announced an expansion of its platform with the addition of AI agent discovery, enabling customers to gain immediate visibility and control over agent identity and permissions. The new capabilities discover AI agents at the source of creation, understand their access risks, and engage their human creators to gain additional context regarding the scope of use for each agent.
RSA expands Microsoft partnership and announces new passwordless capabilities
RSA has announced expanded integration with Microsoft, adding support for the new Microsoft 365 E7: The Frontier Suite through RSA ID Plus for Microsoft, which provides authentication for both human users and AI agents across hybrid, cloud, and on-premises environments. Separately, RSA announced several new passwordless enhancements: a next-generation desktop passwordless client for macOS and Windows, enhanced mobile passkeys with proximity verification, and datacenter passwordless support for Linux and other OS servers.
Sectigo launches platform for certificate lifecycle management as a managed service
Sectigo has introduced the Sectigo Partner Platform (SPP), a multi-tenant CLM platform designed for MSPs, MSSPs, VARs, and distributors. Unlike single-tenant alternatives, SPP gives each end customer a fully isolated tenant with separate certificate inventories, usage reporting, billing, and admin controls, all managed through a single partner interface. The platform integrates with Sectigo Certificate Manager (SCM) and automates certificate validation, issuance, and renewal workflows. SPP is currently available to a limited number of channel partners, with broader rollout planned.
SentinelOne and LevelBlue global partnership
SentinelOne and LevelBlue are combining SentinelOne’s Purple AI and Singularity Platform with LevelBlue’s threat intelligence and Indigo platform to give organizations a unified, AI-powered security operations model, covering MDR, managed SIEM, and incident response in one place. The goal is to reduce dwell time and fragmentation that make most enterprise security stacks hard to manage.
Sentra adds Google Workspace and Gemini capabilities to data security platform
Sentra announced a new solution to help organizations securely adopt Google Workspace with Gemini by addressing key AI adoption risks. The platform tackles four core risks: shadow and unused sensitive data, over-permissioning, incorrect or missing labels, and data leakage through AI-generated outputs, using in-place discovery, classification and automated labeling. These capabilities give organizations the visibility and controls needed to maintain data governance, compliance and cost efficiency while preparing for AI.
Skyhawk Security adds threat actor context to AI red team cloud attack scenarios
Skyhawk Security has introduced a new Threat Actor Context capability that maps simulated cloud attack scenarios to known adversary tradecraft, campaigns and CVEs. The product enhancement was built for prioritization. It gives security teams more context on which attack paths are most relevant based on real-world threat activity, helping them focus on the true risks to critical assets.
Tenable launches Hexa agentic AI engine
Tenable has introduced Hexa AI, an agentic AI engine within the Tenable One platform that automates security workflows and transforms exposure intelligence into coordinated action. Hexa AI helps security teams prioritize and remediate risk at machine speed across IT, cloud, identity and AI environments. By leveraging Tenable’s Exposure Data Fabric, the platform enables organizations to move from reactive response to proactive, continuous risk reduction.
Vectra AI adds exposure management capabilities to network detection platform
Vectra AI has expanded its platform with three new exposure management capabilities. The first is a passive, agentless continuous asset inventory that automatically discovers and tracks unmanaged, OT, and IoT devices across hybrid environments. The second is proactive exposure detection, which identifies observed security and compliance gaps such as risky protocol usage, weak encryption patterns, and exposed credential files. The third is environment observability, providing network-wide visibility into PQC readiness, Zero Trust posture, data movement, and network performance.
Zscaler publishes threat research and announces new integrations
Zscaler has published its Threatlabz 2026 VPN Risk Report, which shows that 51% of organizations experienced a VPN-related security incident in the past 12 months. The study also found that only 5% trust their VPN infrastructure to detect and stop AI-enabled threats, and only 6% of organizations can deploy a critical VPN patch within 24 hours. Zscaler also announced that it’s now part of Databricks’ new Open Security Lakehouse Ecosystem, which unifies all structured and unstructured security data into a single platform that integrates with any tool to enable social engineering detection, insider threat detection, and anomaly detection.
