By The headline from San Francisco this week writes itself: cybersecurity embraces AI. Forty-four thousand practitioners packed Moscone Center for RSAC 2026, and nearly every vendor on the floor had the word "agentic" somewhere in their booth. CrowdStrike, Google, Palo Alto Networks, Booz Allen Hamilton, Arctic Wolf, Databricks. The consensus take is that the security industry is harnessing AI to fight back against AI-powered threats.
That framing misses what actually happened.
The real story is an arms race nobody controls
RSAC 2026 was the week the cybersecurity industry admitted, product by product, that autonomous AI agents are already operating on both sides of the line. Not as experiments. As shipped products. The same week Hadrian launched Nova, an AI agent that chains vulnerabilities and escalates access across live networks to simulate real attackers, CrowdStrike debuted an Incident Prediction feature that attempts to forecast an attacker's next four to five moves. One vendor builds a machine that thinks like a hacker. Another builds a machine that tries to read the hacker-machine's mind. That is not "AI in security." That is machines fighting machines, with humans increasingly in an oversight role they haven't figured out yet.
This pattern has a name. It's called an offense-defense spiral, and it's the oldest dynamic in military strategy. What makes 2026 different from the last time security vendors bolted "AI" onto their marketing is that the agents shipping now actually make autonomous decisions. They don't wait for a human to approve the next step.
What shipped this week
The product announcements were relentless. Here are the ones that matter structurally.
Hadrian's Nova is an agentic pentesting tool that replicates what elite offensive security professionals do, autonomously. It chains vulnerabilities, escalates access across real assets, and runs continuously without human-driven scheduling. According to Hadrian CEO Rogier Fischer, "AI-driven automation now allows attackers to weaponize vulnerabilities at machine speed and attackers don't wait." Nova is priced per-test, available immediately, and represents a direct challenge to the traditional penetration testing consulting model.
Booz Allen Hamilton's Vellox is a suite of five AI-native cybersecurity tools covering malware analysis, detection engineering, adversary emulation, compliance monitoring, and autonomous remediation. Booz Allen described it as built on 30 years of adversarial tradecraft, targeting both federal defense customers and Fortune 500 companies. This is a defense contractor shipping offensive AI know-how as commercial product. That alone tells you where we are.
