Microsoft RSAC 2026 Agentic AI Security Highlights
Summary
At RSAC 2026, Microsoft is highlighting an AI-first security strategy built for the rise of “agentic” organizations, emphasizing autonomous defense, broad observability, and governance across identity, endpoints, data, cloud, and SecOps. The news matters because as AI systems and attacks both scale, Microsoft is positioning its platform—backed by over 100 trillion daily security signals—to help enterprises securely deploy and manage autonomous agents while improving cyber resilience.
Introduction: why this matters
AI is rapidly changing both how work gets done and how attacks scale. Microsoft is framing this shift as the rise of the “Frontier Firm”—human-led, agent-operated organizations—where security must become as autonomous and always-on as the AI systems it protects. At RSAC™ 2026, Microsoft will showcase how its AI-first security platform aims to deliver deep observability, governance, and protection across every layer of the AI stack.
What’s new at RSAC 2026 (Microsoft highlights)
Microsoft Pre‑Day (Sunday, March 22)
Hosted at the Palace Hotel, Microsoft Pre‑Day is positioned as the on-ramp for the week. Microsoft plans to share how it’s advancing “agentic defense,” informed by more than 100 trillion security signals per day, and how offerings like Agent 365 provide observability across layers (identity, endpoints, data, cloud, and SecOps). Expect strategy plus practical guidance on cyber resilience and security operations transformation.
Keynote: Ambient and Autonomous Security
- Vasu Jakkal (CVP, Microsoft Security) keynote: Ambient and Autonomous Security: Building Trust in the Agentic AI Era (Monday, March 23)
- Focus: how security platforms evolve to address AI-powered threats through autonomous operations and pervasive observability.
Featured sessions (security + governance for agents)
- Security, Governance, and Control for Agentic AI (Monday, March 23): principles to keep autonomous agents governed and secure to avoid sprawl, misuse, and unintended actions.
- Advancing Cyber Defense in the Era of AI Driven Threats (Tuesday, March 24): how AI increases threat sophistication and what resilient, intelligence-driven defenses should look like.
Booth experience (Microsoft Booth #5744)
Microsoft’s booth at Moscone Center will feature theater sessions and interactive demos aimed at modern security operations—connecting identity, data, cloud, and endpoint protection to AI-era governance and threat response.
Impact on IT administrators and security teams
- Security architecture: Expect increased emphasis on end-to-end controls for AI systems—visibility, governance, and policy enforcement across AI apps, agents, and data flows.
- SecOps workflows: Autonomous triage and response scenarios (agent-assisted) will influence how teams design playbooks, escalation paths, and operational metrics.
- Identity and access: Conditional access optimization and identity-driven security remain central as agents act on behalf of users and services.
Action items / next steps
- Identify where agents are being used (or piloted) and define governance requirements (allowed actions, data boundaries, auditability).
- Review observability gaps across identity, endpoints, cloud, and data that could hinder detection/response in agent-driven workflows.
- Plan RSAC coverage: prioritize the keynote and the governance-focused sessions; schedule booth time for hands-on demos relevant to your environment.
- Align stakeholders (SecOps, IAM, compliance, app teams) on a shared model for AI risk ownership and operational readiness.
Need help with Security?
Our experts can help you implement and optimize your Microsoft solutions.
Talk to an ExpertStay updated on Microsoft technologies