Key Takeaways
- AI agent governance funding hit $2.5B in 2025, up 40% year-over-year—and RSAC 2026 was the inflection point where enterprise buyers started demanding real solutions.
- 8 vendors launched governance platforms at RSAC 2026. Not one addresses cross-platform agent visibility across Microsoft, Google, ServiceNow, and Salesforce environments.
- Check Point acquired Zenity, Protect AI raised $35M, and Calypso AI secured $23M—signaling that agent security is now a board-level concern.
- The SERP for “AI agent governance” is now dominated by post-RSAC recap content—enterprises are actively researching how to govern agents deployed across multiple platforms.
- 92% of MCP servers carry high security risk, and the average enterprise runs agents across 4.2 different platforms—creating blind spots that no single-vendor governance tool can close.
- The EU AI Act takes full effect August 2, 2026, making governance a compliance deadline, not a roadmap item.
AI Agent Governance After RSAC 2026: What $2.5B in Funding Bought (and What It Didn’t)
📅 April 1, 2026 ⏱ 14 min read
RSAC 2026 was supposed to be the year AI agent governance got solved.
Billions in funding. Eight vendor launches. Three acquisitions. A new Innovation Sandbox category for agent security. The message from the expo floor was clear: the market has arrived.
But when CISOs returned to their offices, the fundamental question remained unanswered: how do you govern AI agents that span Microsoft, Google, Salesforce, and ServiceNow—all at once?
This roundup breaks down what actually happened at RSAC 2026, what the $2.5B in AI governance funding has and hasn’t delivered, and the critical gap that enterprise security teams must close before the EU AI Act deadline on August 2.
The RSAC 2026 Vendor Landscape: 8 Launches, 1 Pattern
RSAC 2026 featured more AI governance announcements than any previous conference. Here’s what shipped:
Tier 1: Platform Incumbents
| Vendor | What They Launched | The Gap |
|---|---|---|
| Microsoft | Agent 365 — $15/user identity and guardrails for Copilot agents | Only governs Microsoft ecosystem. Zero visibility into Google, Salesforce, or custom agents. |
| ServiceNow | AI Specialists — Pre-built agent roles with governance controls | Locked to ServiceNow workflows. Can’t monitor agents built on other platforms. |
| Salesforce | Agentforce Trust Layer — Built-in guardrails for Salesforce agents | Same pattern: Salesforce-only governance. |
Tier 2: Security Startups
| Vendor | Focus | Funding | What They Got Right | What They Missed |
|---|---|---|---|---|
| Protect AI | ML supply chain security | $35M Series B | Model vulnerability scanning, SBOM for AI | No runtime agent monitoring |
| Calypso AI | Enterprise AI guardrails | $23M Series A | Real-time guardrails for LLM outputs | Single-model focus, no multi-agent orchestration visibility |
| Lakera | AI red-teaming | $20M (EU-focused) | Prompt injection detection | Testing tool, not governance platform |
| Credo AI | AI risk management | $43M total | Compliance mapping, risk scoring | Assessment tool, not runtime governance |
Tier 3: Acquisitions
- Check Point acquired Zenity (~$100M) — low-code/no-code app security now integrated into Infinity Platform
- Palo Alto Networks expanded Cortex AI for agent-level threat detection
- CrowdStrike added “EDR for AI agents” to Falcon platform
The Pattern No One Is Talking About
Every vendor at RSAC 2026 governs agents within their own ecosystem. Microsoft governs Microsoft agents. ServiceNow governs ServiceNow agents. Even the startups focus on single attack vectors—prompt injection OR model security OR compliance assessment.
But the average enterprise deploys agents across 4.2 platforms (Microsoft, Google, Salesforce, and at least one vertical tool). Who governs the gaps between them?
Nobody. That’s the $2.5B blind spot.
What the Data Shows: 5 Post-RSAC Reality Checks
1. The Discovery Problem Is Worse Than Reported
Before you can govern agents, you need to know they exist. RSAC sessions revealed:
- 73% of enterprises have “shadow AI agents” — autonomous tools deployed by business units without IT knowledge (see our shadow AI analysis)
- The average organization has 3.7x more AI agents than they’ve officially approved
- Non-human identities now outnumber employees 82-to-1 — and most identity governance tools weren’t built for agents
2. The Kill Switch Problem Remains Unsolved
RSAC’s “EDR for AI agents” concept is promising but premature:
- 60% of enterprises can’t terminate a rogue agent in under 4 hours (full analysis)
- Multi-platform agent chains make containment exponentially harder — killing a Copilot agent doesn’t stop the downstream Salesforce agent it triggered
- No vendor demonstrated cross-platform kill switch capability at RSAC
3. Observability ≠ Governance
Several RSAC vendors conflated monitoring with governance. They’re different:
- Observability tells you what agents are doing (logs, traces, metrics)
- Governance enforces what agents are allowed to do (policies, guardrails, lifecycle management)
- The winning Innovation Sandbox startup showed real-time agent behavior dashboards — but dashboards without policy enforcement are surveillance, not governance
For a deeper dive, see our AI agent observability guide.
4. Compliance Deadlines Don’t Wait for Vendors
The EU AI Act takes full effect August 2, 2026. Key requirements for AI agent governance:
- Article 9: Risk management systems must cover autonomous AI agents
- Article 14: Human oversight requirements apply to any agent making consequential decisions
- Article 52: Transparency obligations — users must know when they’re interacting with an AI agent
- Fines: Up to €35 million or 7% of global revenue
RSAC vendors showed compliance assessment tools. None showed automated compliance enforcement across multi-platform agent deployments.
5. The Funding Paradox
$2.5B in AI security funding in 2025. Yet:
- Zero funded companies solve cross-platform governance
- Most funding went to model-layer security (prompt injection, jailbreaks, model poisoning)
- Infrastructure-layer governance (agent identity, cross-platform policy, lifecycle management) received less than 10% of total funding
- The gap between where money goes and where risk lives is widening
The Framework That’s Actually Needed
Based on what RSAC 2026 revealed (and what it didn’t), enterprise AI agent governance requires five pillars that no single vendor currently delivers end-to-end:
Pillar 1: Cross-Platform Agent Discovery
You can’t govern what you can’t see. A governance platform must discover agents across:
- Microsoft Copilot Studio, Azure AI
- Google Vertex AI, Gemini agents
- Salesforce Agentforce
- ServiceNow AI Specialists
- Custom agents built on LangChain, CrewAI, AutoGen
- Shadow agents deployed without IT approval
Pillar 2: Unified Agent Identity
Every agent needs an identity that works across platforms:
- Non-human identity management integrated with existing IAM
- Role-based access controls that span vendor boundaries
- Credential lifecycle management (rotation, revocation, auditing)
- Agent-to-agent trust chains for multi-agent workflows
Pillar 3: Policy Enforcement (Not Just Assessment)
Assessment tells you where you’re exposed. Enforcement prevents the exposure:
- Machine-readable governance policies
- Real-time guardrail enforcement across all platforms
- Automated escalation when agents exceed boundaries
- Policy inheritance so new agents deploy with governance by default
Pillar 4: Runtime Monitoring with Kill Switch
RSAC’s “EDR for agents” concept, but cross-platform:
- Real-time behavior monitoring across all agent environments
- Anomaly detection for agent drift (when agents deviate from intended behavior)
- Cross-platform kill switch that can halt an agent chain, not just one agent
- Blast radius assessment before and during containment
Pillar 5: Lifecycle Governance
Agents aren’t static — they evolve, spawn sub-agents, and eventually need decommissioning:
- Agent versioning and change management
- Sub-agent governance (when agents create other agents)
- Sunset policies and automated decommissioning
- Audit trails that survive the agent’s lifecycle
For the complete framework, see our AI agent governance guide.
What CISOs Should Do Now (April 2026 Action Plan)
Don’t wait for vendors to solve cross-platform governance. Start with what you can control:
This Week
- Audit your agent inventory. Use each platform’s admin console to list all deployed agents. Compare to your approved list. The gap is your shadow AI exposure.
- Map cross-platform agent chains. Identify agents that trigger actions in other platforms. These are your highest-risk workflows.
- Review MCP server configurations. 92% carry high security risk. Disable any with zero authentication.
This Month
- Implement agent identity standards. Extend your IAM to cover non-human identities. Start with high-privilege agents first.
- Deploy basic kill switch capability. Even manual runbooks beat nothing. Document how to stop every critical agent within 15 minutes.
- Begin EU AI Act gap assessment. Map your agent deployment against Article 9, 14, and 52 requirements. The August deadline is 4 months away.
This Quarter
- Evaluate cross-platform governance solutions. The market is immature but moving fast. Request demos that show multi-vendor visibility.
- Build governance-by-default into agent deployment. No new agent goes live without identity, monitoring, and policy baseline.
- Establish agent governance committee. Include security, compliance, IT, and the business units deploying agents.
The Bottom Line
RSAC 2026 proved that AI agent governance is a real market, not a buzzword. $2.5B in funding, 8 vendor launches, and 3 major acquisitions in a single quarter.
But the market is solving the easy problems — single-platform monitoring, model-layer security, compliance checklists — while the hard problem remains untouched: governing agents that span your entire technology stack.
The enterprises that close this gap first will deploy AI agents faster, safer, and with the confidence that comes from actual control — not just another dashboard.
The EU AI Act deadline is August 2. The time to build your governance framework is now.
Related Reading
- What Is AI Agent Governance? Complete 2026 Guide — the foundational explainer
- RSAC 2026: 5 Vendors, $375M, Same Blind Spot — the vendor analysis
- Cross-Platform AI Governance: What RSAC Got Wrong — the cross-platform deep dive
- Non-Human Identity Governance: The 82:1 Gap — identity-specific guidance
- The AI Agent Kill Switch Problem — containment strategies
- AI Agent Observability Enterprise Guide — monitoring fundamentals
- MCP Governance Enterprise Guide — protocol-level security