Every major cybersecurity vendor launched an AI product this week at RSAC 2026 in San Francisco. CrowdStrike, Palo Alto Networks, Cisco, Google (with its freshly acquired Wiz), Arctic Wolf, Dell, Rubrik. All on Day 1. The trade press covered it as a parade of product launches. Dozens of articles, each dutifully listing features and capabilities.
That framing misses what happened.
The real story is not that security companies are adding AI features. The real story is that the entire security industry just restructured itself around a single architectural assumption: that the things companies need to protect are no longer humans sitting at keyboards, but autonomous software agents acting on their behalf. And every major vendor reached that conclusion at the same time. That kind of synchronized pivot does not happen because marketing departments coordinated. It happens because the underlying economics changed.
The trigger nobody is talking about
Start with a number. According to ETR data presented at RSAC this week, 37% of organizations already have AI agents deployed or in active testing. That is up 10 percentage points from last year. But here is the part that should worry you: only 3% of those organizations say they have broad security controls in place for those agents. Twenty percent admit they have no agent-specific controls at all.
That gap, between deployment speed and governance readiness, is the structural force driving every announcement on the Moscone floor this week. Vendors are not launching AI products because AI is trendy. They are launching because their customers just created a massive new attack surface and have almost nothing protecting it.
The shift also showed up in spending patterns. For the first time, LLM and generative AI protection surpassed cloud security as the top area where enterprises plan to increase spending, according to ETR's annual security study. Cloud security had held that position for two years running.
What the vendors actually built
The specifics matter because they reveal a shared diagnosis.
CrowdStrike expanded its Falcon platform into what amounts to an AI surveillance layer. A new feature called Shadow AI Discovery identifies AI applications, agents, LLM runtimes, and Model Context Protocol servers running across devices. EDR AI Runtime Protection tracks how AI applications behave on endpoints, logging commands, scripts, file activity, and network connections. The company is also watching AI agents inside SaaS platforms like Salesforce Agentforce, Microsoft Copilot, and ChatGPT Enterprise. CrowdStrike's thesis is blunt: the endpoint is where AI actions execute, so the endpoint is the control plane.
