Enterprise AI Jun 9, 2026 · iEnable Team · 15 min read

AI Agent Governance After RSAC 2026: What Actually Changed in 6 Weeks

RSAC 2026 promised to fix AI agent governance. Six weeks later, we track what vendors shipped, what enterprises actually deployed, and the gap that's widened — not closed.

← Back to Blog

AI Agent Governance After RSAC 2026: What Actually Changed in 6 Weeks

📅 June 9, 2026 ⏱ 15 min read

Six weeks ago, RSAC 2026 ended with a simple verdict: the AI agent governance market had arrived, but nobody had solved it.

Eight vendors launched platforms. Three acquisitions closed. A new Innovation Sandbox category was minted for agent security. The expo floor buzzed with the word “governance” — applied to agents, models, MCP servers, and everything in between.

We said at the time that the fundamental problem remained unsolved: how do you govern AI agents that span Microsoft, Google, Salesforce, ServiceNow, and a dozen custom builds simultaneously?

Six weeks later, here’s what has and hasn’t changed.

What Actually Shipped After RSAC

Conference launches are promises. Post-conference GA dates are commitments. Here’s the scorecard:

Microsoft Entra Agent ID: Generally Available (with caveats)

Microsoft shipped Entra Agent ID on the promised May 1 date — a genuine milestone. Every Copilot Studio agent, Azure AI Foundry deployment, and Agent 365 workflow now gets a unique non-human identity, managed through Entra’s existing IAM infrastructure.

What changed: Enterprises already in the Microsoft ecosystem can now assign, govern, and audit AI agent identities the same way they manage service accounts. For organizations running predominantly Microsoft workloads, this is a real capability gain.

What didn’t change: The cross-platform blind spot is larger than it was before. Now that Microsoft agents have robust identity governance, the gap between governed Microsoft agents and ungoverned agents on other platforms is more visible — and more awkward to explain in a board presentation.

Early adopters report a new category of problem: “identity envy.” Security teams who can show perfect Microsoft agent compliance charts now face harder questions about why the Salesforce Agentforce deployments, the AWS Bedrock agents, and the custom LangChain builds their product team spun up in March have no equivalent governance.

ServiceNow AI Control Tower + Microsoft Integration: Partial Delivery

The ServiceNow-Microsoft integration announced at RSAC was positioned as the first cross-platform governance breakthrough. Six weeks later, enterprise security teams describe the reality differently.

The integration works — for agents that touch both ServiceNow and Microsoft workflows. The unified dashboard shows agent activity from both ecosystems, and policy inheritance from ServiceNow’s Control Tower applies to cross-platform workflows.

But the original claim was that this represented a meaningful step toward cross-platform governance. What it actually represents is a two-platform bilateral agreement. Salesforce agents still don’t appear in the Control Tower. Google Workspace AI agents are invisible. The shadow agents your marketing operations team deployed on Make.com last month aren’t there either.

“We have two dashboards now instead of eight,” one enterprise security architect told us. “That’s progress. It’s not governance.”

Protect AI: Real Progress on Model Security

Protect AI’s $35M Series B post-RSAC is being deployed in a direction most enterprises can actually use. Their ML supply chain security tooling now integrates with GitHub Actions, GitLab CI/CD, and Hugging Face Model Hub — meaning organizations can scan models for vulnerabilities before they reach production.

This is important work. It’s also not agent governance in the sense most enterprises need. Model security addresses what AI systems are built from. Agent governance addresses what deployed agents actually do in production, across which systems, with which data, under whose authority.

Both matter. They’re different problems.

Check Point + Zenity (Formerly Acquired): Integration Underway

The Check Point/Zenity acquisition closed as announced, and integration is proceeding. Zenity’s low-code/no-code app agent discovery is being folded into Check Point’s Infinity Platform, with a target of unified agent discovery alongside existing application security coverage.

Integration timelines are running approximately 2-3 months behind internal targets, according to multiple sources familiar with the deal. Full feature parity between the pre-acquisition Zenity product and the Check Point integration is now expected Q3 2026 instead of the original Q2 target.

What Enterprises Are Actually Deploying

Conference launches and enterprise deployment timelines don’t match. Here’s what’s actually moving in organizations right now, based on conversations with enterprise security and IT teams through May and early June 2026.

The Inventory Problem Is Getting Worse

Six weeks of additional agent deployment has not slowed. It has accelerated.

The number of production AI agents in a typical enterprise grew an estimated 23% in May 2026 alone, driven primarily by:

The organizations that left RSAC with a plan to audit their agent inventory have, in many cases, discovered that the inventory they’re auditing is out of date by the time the audit completes. Agent deployment velocity has outpaced governance implementation velocity every week since the conference.

Three Tiers of Enterprise Response

A clear pattern has emerged among large enterprises post-RSAC. Organizations are falling into one of three buckets:

Tier 1: Platform Consolidators (roughly 15% of enterprises)

These organizations have made a strategic bet: consolidate AI agent deployment on one or two platforms, then leverage those platforms’ native governance tools. The Microsoft-only or Microsoft+ServiceNow approach. The upside is actually achievable governance within the chosen ecosystem. The downside is that business units with legitimate needs for other tools continue to deploy shadow agents outside the governance perimeter.

Tier 2: Tool Evaluators (roughly 60% of enterprises)

The majority of enterprises are still evaluating. They left RSAC with vendor shortlists. They’ve been running POCs. Most report that the demonstrations were more impressive than the actual integrations with their existing environments.

Common friction points: agents built on frameworks not covered by vendor integrations, identity governance that doesn’t connect to existing IAM infrastructure, and pricing models that were unclear at the conference but became significant barriers in procurement.

Tier 3: Governance-Debt Acceptors (roughly 25% of enterprises)

A meaningful minority of enterprises have, consciously or unconsciously, decided to accept governance debt for now. Agent deployment continues, governance implementation is deferred, and the organization is betting on future platform convergence to solve the problem. This is the same bet organizations made with shadow IT a decade ago. The results were mixed.

The Numbers That Changed in 6 Weeks

Fresh data from June 2026 enterprise AI surveys and vendor reporting:

MetricRSAC Week (April 2026)June 2026Change
Avg. agent platforms per enterprise4.25.1+21%
Enterprises with formal agent governance21%24%+3pp
Shadow AI agents per enterprise (estimated)3.7× approved4.2× approved+14%
Enterprises that can halt rogue agent in <4 hrs40%43%+3pp
Enterprises with cross-platform agent inventory14%17%+3pp

The headline: six weeks of active market attention improved enterprise governance metrics by 3-4 percentage points. Agent deployment and shadow AI growth improved by 14-21%. Governance is improving. It’s improving slower than the risk is growing.

The EU AI Act Countdown: August 2 Is Real

When RSAC ended, the EU AI Act’s full implementation date was 14 weeks away. Now it’s 8 weeks away, and the compliance picture is not improving fast enough.

Key requirements that go live August 2:

Article 9 — Risk Management Systems: Every organization deploying AI systems in the EU must have documented risk management covering system identification, risk assessment, and mitigation measures. For AI agents, this means knowing what agents you’re running and what risks they carry — the same inventory problem most enterprises haven’t solved.

Article 14 — Human Oversight: AI systems making consequential decisions must have human oversight mechanisms. For autonomous agents — the kind that execute multi-step workflows, approve transactions, or modify data — this requires documented escalation paths, override mechanisms, and audit trails. Most enterprise agent deployments have none of these.

Article 52 — Transparency Obligations: Users interacting with AI agents must be informed they’re interacting with an AI. This affects customer-facing agents, employee-facing chatbots, and any automated communication system. Non-compliance fines reach €35 million or 7% of global revenue.

The compliance reality: Most enterprises are 60-70% ready on Article 52 (the disclosure requirement — it’s the easiest). On Articles 9 and 14, the governance infrastructure requirements, readiness rates drop to 30-40%.

Eight weeks is not enough time to build governance infrastructure from scratch. Organizations that haven’t started are now in a compliance triage position: identify the highest-risk agent deployments, implement minimum viable governance for those systems, and document everything in a way that shows good-faith compliance effort.

This is not ideal governance. It may be legally sufficient, temporarily.

Three Things That Have Genuinely Changed

Amid the sobering statistics, some real progress deserves acknowledgment.

1. The Language Has Unified

Before RSAC, enterprise conversations about AI agent risk used a dozen different vocabularies. “Agent security.” “AI governance.” “LLM guardrails.” “Agentic risk management.” Vendors, buyers, and regulators couldn’t always tell if they were talking about the same things.

Post-RSAC, a shared vocabulary has emerged. “Agent inventory,” “non-human identity governance,” “cross-platform policy enforcement,” and “agent lifecycle management” are now understood terms in enterprise security conversations. This may seem minor. It’s not — shared language is a precondition for shared standards, and shared standards are a precondition for interoperable governance tools.

2. Board-Level Visibility Has Increased

The RSAC announcements, the EU AI Act timeline, and a handful of high-profile agent-related incidents (a rogue customer service agent at a European bank that committed to refund terms outside its authorization scope; an AI procurement agent that executed purchases beyond its approval limit) have moved AI agent governance from CISO agenda items to board risk discussions.

Enterprise CISOs report that board questions about AI agent risk are 3-4× more frequent in May-June 2026 than they were in Q1. This creates budget pressure — and budget creates implementation urgency in a way that conference attendance doesn’t.

3. The Vendor Landscape Is Sorting Itself

The 8 RSAC vendor launches haven’t all survived contact with enterprise procurement equally. Six weeks of POCs, security reviews, and pricing negotiations have begun to create differentiation between vendors who can actually integrate with complex enterprise environments and vendors whose demos were more polished than their products.

This is healthy. The AI governance vendor market needed to move from “everyone is launching” to “differentiated capabilities are emerging.” That sorting process is underway.

What Still Hasn’t Changed (And Won’t Until It Does)

The Structural Incentive Problem

Every major platform vendor — Microsoft, Google, Salesforce, ServiceNow, AWS — has a financial incentive to provide excellent governance within their ecosystem and no incentive to provide governance across ecosystems. Cross-platform governance is, from a platform vendor’s perspective, a capability that reduces switching costs and enables competitors.

This incentive structure hasn’t changed since RSAC. It won’t change voluntarily. The only forces that can change it are: regulatory requirements that mandate cross-platform interoperability (not currently in the EU AI Act), enterprise buyer pressure organized through procurement standards (nascent), or a category-defining cross-platform governance vendor that proves the market exists (closest thing we have is the early-stage tools that were at RSAC).

The Shadow AI Acceleration

Shadow agent deployment is growing faster than formal governance adoption. This is the dynamic that, left unaddressed, will make the governance problem geometrically harder over time. Every unsanctioned agent deployed today is a future governance audit item, a potential compliance violation, and a governance debt that compounds.

The enterprises with the best governance outcomes in 12 months will not be the ones that built the best governance systems in 2026. They’ll be the ones that slowed shadow agent deployment while building governance infrastructure — by making sanctioned, governed agent deployment easier than unsanctioned deployment. Very few are executing this strategy today.

The Action Plan: June 2026 Edition

If you’re a CISO or IT leader reading this in June 2026, here’s where to focus the next 8 weeks before the EU AI Act deadline:

Immediate (This Week):

  1. Run an emergency agent audit. Every team that attended RSAC came home and started deploying things. You have agents now that you didn’t have in April. Find them.

  2. Classify by risk tier. Not all agents need the same governance. Customer-facing, transaction-executing, and data-accessing agents are tier 1. Internal productivity tools that don’t touch regulated data are tier 3. Map your inventory to risk tiers before building uniform controls.

  3. Confirm EU Article 52 compliance. The disclosure requirement is the lowest-hanging compliance fruit. Every customer-facing AI interface should have disclosure language in place before August 2.

This Month:

  1. Implement basic kill switch capability. For every tier-1 agent, document a procedure for stopping it within 4 hours. This doesn’t have to be automated yet. Manual runbooks beat nothing.

  2. Choose your governance platform POC winner. If you’ve been evaluating, you need to pick one and start implementation. The market will not sort itself before August 2.

  3. Establish a shadow AI amnesty window. Give business units 30 days to surface unauthorized agent deployments without punitive consequences. Use the data to understand your actual governance surface area.

Before August 2:

  1. Document everything. EU AI Act compliance for the August deadline is as much about documentation as it is about capability. Risk assessments, governance policies, oversight procedures — written down, version-controlled, accessible for audit.

  2. Brief your legal team. They need to understand what agents you’re running, where (EU-affecting = any agent interacting with EU residents), and what governance you have. If an enforcement action comes, they need 24 hours of preparation, not 24 days.

The Bottom Line: Six Weeks of Progress, Still a Long Way to Go

RSAC 2026 was the beginning of a governance conversation, not its conclusion.

Six weeks later, some real things have changed: shared vocabulary, board-level visibility, beginning of vendor market differentiation, and incremental improvement in enterprise governance metrics.

But the fundamental gap remains. Enterprise AI agent deployments are growing faster than governance is being implemented. The cross-platform visibility problem that no RSAC vendor solved hasn’t been solved in the weeks since. And the EU AI Act deadline is 8 weeks away.

The organizations that navigate this well will be the ones that treat governance not as a compliance checkbox but as the operational infrastructure that makes safe, scalable agent deployment possible. That framing — governance as enablement, not restriction — is what separates enterprises that will deploy AI agents at competitive velocity from those that will be paralyzed by the governance debt they’ve accumulated.

The market has arrived. The solution hasn’t. Eight weeks to the deadline, the gap still matters.