As hundreds of vendors descend on San Francisco for the RSAC 2026 Conference, the sheer volume of news can be overwhelming. To help you navigate the noise, SecurityWeek is providing a daily digest of the most significant announcements.
Below is our curated roundup of essential news from the third and fourth days of the event (as well as some announcements we may have missed in the previous days). Roundups of announcements from day 1, day 2, and the days leading up to the conference are also available.
Accenture and Anthropic launch Cyber.AI for security operations
Accenture has introduced Cyber.AI, a new cybersecurity solution that uses Anthropic’s Claude model as a central reasoning engine to automate security workflows. The platform integrates a library of autonomous agents to synthesize security data and provide contextual insights throughout the security lifecycle. It features a specialized component called Agent Shield to monitor and govern these autonomous agents in real-time to ensure they adhere to defined organizational policies.
Akamai and Bolster AI detect brand impersonation and phishing
Bolster AI and Akamai have teamed up to help organizations detect and disrupt brand impersonation and phishing campaigns targeting their customers. The new Brand Guardian solution combines Akamai’s global internet infrastructure with Bolster’s AI-driven fraud detection and automated takedown technology to detect impersonation campaigns earlier, observe attacks from the victim’s perspective, disrupt campaigns using automated investigation and takedown workflows, and understand campaign impact.
Arctic Wolf warns of AI malware surge
Arctic Wolf Labs has analyzed over 22,000 AI‑assisted malware samples and found that a significant share of this malware is novel and harder to catch with traditional tools—39% initially evaded signature-based detection. While AI increases the scale of threats, most activity is not tied to sophisticated or known actors, and the resulting malware can still be detected with the right layered defenses.
Barracuda adds AI risk visibility to BarracudaONE platform
Barracuda Networks has announced enhancements to its BarracudaONE cybersecurity platform, along with a revamped global Partner Success Program, aimed at strengthening cyber resilience and supporting partner growth. The platform updates boost protection across email, network access, and generative AI usage. Barracuda has overhauled its Partner Success Program, creating a unified model for MSPs, resellers, and hybrid partners with expanded benefits and incentives.
CrowdStrike launches Charlotte AI AgentWorks ecosystem
CrowdStrike announced the Charlotte AI AgentWorks ecosystem for building secure agents, with launch partners including Accenture, AWS, Anthropic, Deloitte, Kroll, NVIDIA, OpenAI, Salesforce, and Telefónica Tech. The ecosystem enables customers to leverage CrowdStrike’s no-code development platform and frontier AI models to securely build, orchestrate, and scale custom security agents, while opening new opportunities for partners to create agentic security businesses on the Falcon platform.
CyberProof publishes PXA Stealer analysis
CyberProof MDR analysts and threat researchers have identified a significant surge in PXA Stealer activity targeting global financial institutions during Q1 2026. These campaigns primarily leverage phishing emails containing malicious URLs that trigger the download of compromised ZIP attachments. Threat actors have demonstrated high levels of adaptability, utilizing diverse lures ranging from curriculum vitae and Adobe Photoshop installers to tax forms and legal documentation. Following the 2025 takedowns of major infostealers such as Lumma, Rhadamanthys, and RedLine, CyberProof observed that PXA Stealer activity has filled the resulting vacuum, seeing an estimated growth of 8-10%.
Cyber Sierra collaboration with ST Engineering’s Cyber business
Cyber Sierra announced a new collaboration with ST Engineering’s Cyber business to help organisations bring together AI‑driven governance and frontline cybersecurity operations for continuous, outcome-focused cyber resilience.
DigiCert enhances Document Trust Manager
DigiCert has introduced several updates to its Document Trust Manager platform to streamline digital signing workflows and enhance key security. The system now features centralized key management (eliminating the need for physical tokens by providing secure cloud-based storage for signing certificates). New unified workflows provide enterprise-wide visibility into signing activities (allowing administrators to monitor document integrity and track usage across the organization). The platform also supports various global PKI standards to ensure compliance with regional regulatory requirements for cross-border digital transactions.
Ironscales launches email threat intel series
Ironscales announced ‘Email Attack of the Day,’ an ongoing email threat intelligence blog series spotlighting recent, real phishing attacks caught by the organization’s adaptive AI and its community of 30,000+ security professionals. Each post breaks down one attack — what it looked like, why it worked, and what users can do about it. The company also introduced new email security agents that anticipate, investigate, and prepare for advanced phishing attacks.
Menlo Security introduces browser security platform for governing AI agents
Menlo Security has released a platform designed to monitor and control the activities of autonomous AI agents operating within web browsers. The platform provides visibility into agent-driven web sessions to prevent unauthorized data exfiltration and ensure compliance with corporate governance standards. The solution allows organizations to define granular permissions for AI agents.
Minimus launches open source program
Minimus announced a new open source program that provides maintainers with free access to hardened container images, SBOM generation and analysis, and real-time threat intelligence. The initiative aims to close the security gap for open source projects that underpin critical infrastructure but lack enterprise-grade supply-chain security tooling. Accepted projects can integrate Minimus images into their pipelines to reduce attack surface, gain visibility into dependencies, and accelerate vulnerability remediation.
Nile debuts zero-trust network fabric
Nile has updated its networking platform to incorporate “datacenter-class” security features designed to limit lateral movement within campus and branch environments. The architecture utilizes AI-driven automation to enforce granular micro-segmentation. By integrating these controls directly into the network fabric, the system aims to contain potential breaches by reducing the available attack surface.
pQCee launches crypto-agile CNG provider for Windows
Singapore-based pQCee has introduced a crypto-agile Cryptography Next Generation (CNG) provider for Microsoft Windows. It allows enterprises, governments, and regulated industries to rapidly adopt post-quantum cryptographic algorithms, comply with national security requirements, and prepare for integration with emerging quantum hardware. The solution provides seamless support for custom post-quantum algorithms and implementations directly within Windows.
Protos Labs launches freemium edition of Protos AI
Protos Labs has introduced a free tier of Protos AI, its agentic AI platform designed to automate the collection and analysis of cyber threat intelligence (CTI). The system utilizes specialized AI agents to execute tasks across the CTI lifecycle (including planning, evidence collection, and citation-backed reporting). The platform is model-agnostic and functions independently of existing security stacks to build ‘organizational intelligence memory’ by linking threat entities across historical investigations. Human analysts maintain control by approving investigation plans and validating the agents’ outputs before dissemination.
Quokka announces Microsoft Sentinel integration
Quokka Q-scout now integrates with Microsoft Sentinel to centralize mobile application risk intelligence across Microsoft Intune-managed devices. The connector automatically ingests app inventories from Intune, analyzes them using Quokka’s mobile app vetting engines, and streams security, privacy, and compliance risk findings into Sentinel.
The Qualys Threat Research Unit (TRU) released what it described as the largest remediation study ever conducted, examining more than 1 billion CISA KEV records across over 10,000 organizations spanning four years. The study found that vulnerability volume has increased 6.5x in the last three years, while exploitation timelines have collapsed to -1 days. Despite processing more tickets, security teams left 63% of critical vulnerabilities open on day 7 in 2025, a deterioration from 56% in 2022. Out of 52 actively weaponized vulnerabilities that were analyzed, half were exploited before public disclosure.
Scantist launches autonomous pentesting platform in the US
Singapore-based Scantist has announced the US launch of PAIStrike, an autonomous penetration testing platform designed to validate real-world security risks. PAIStrike functions as a coordinated multi-agent system that autonomously analyzes targets, devises multi-step attack strategies, executes exploits, evaluates results, and dynamically adjusts its tactics in real time.
Skyhigh Security adds new capabilities to SSE platform
Skyhigh Security announced new capabilities for its Security Service Edge (SSE) platform. The company introduced new offerings and updates to strengthen its platform, including Next-Generation SSE Hybrid and Secure Browser Controls solutions, along with updates to Skyhigh DSPM to create a unified view of data risk across multi-vendor environments.
Vorlon introduces forensics and incident response tools for AI agent ecosystems
Vorlon has launched two new products, AI Agent Flight Recorder and AI Agent Action Center, to provide forensics and coordinated response for enterprise AI and SaaS environments. The Flight Recorder uses intelligent simulation technology to capture a continuous audit trail of agent actions across various identities, APIs, and data classifications. To address identified risks, the Action Center prioritizes security findings and routes remediation guidance to relevant stakeholders. These tools integrate with existing security workflows, including SIEM and SOAR platforms.
