Cisco used RSA Conference 2026 to unveil a set of security tools enterprises deploying AI agents, as new data highlights a gap between experimentation and production use.
According to Cisco, 85 percent of surveyed enterprises are testing AI agents, but only 5 percent have deployed them at scale. The company’s updates focus on identity management, access control and runtime protections for what it describes as an emerging “agentic workforce.”
The new capabilities extend zero trust principles to AI agents, including identity assignment, activity tracking and fine-grained access controls. Cisco also introduced tools for testing model resilience and enforcing guardrails during deployment, along with an open-source framework designed to automate security checks across agent environments.
On the operations side, Cisco is expanding AI-driven features within Splunk to automate detection and response workflows. The updates include specialized agents for tasks such as threat triage, malware analysis and incident response, aimed at reducing manual workloads in security operations centers.
“AI agents aren’t just making existing work faster; they’re a new workforce of co-workers that dramatically expand what organizations can accomplish,” said Jeetu Patel, President and Chief Product Officer at Cisco.
The company framed the announcements around three priorities: controlling how agents act, protecting them from external threats and accelerating detection and response. The strategy reflects growing concern that existing security tooling is not designed for autonomous systems operating across multiple environments.
Cisco said additional features will roll out through mid-2026, including expanded analytics and automation capabilities for SOC teams.