RSAC 2026 was the conference where AI agent governance went from niche concern to mandatory budget line. Over $392 million in funding was announced in the two weeks surrounding the event. Every major security vendor launched an AI agent governance product. SANS confirmed that for the first time in 25 years, every dangerous attack technique on their annual list involves AI. We tracked every launch. Here's what each one actually does — and what they all missed.
The Big Picture: $392M in Two Weeks
Before we rank individual products, understand the scale of what happened. In the two weeks around RSAC 2026:
- JetStream Security: $34M seed (Redpoint + CrowdStrike Falcon Fund)
- Oasis Security: $120M Series B ($195M total, Craft + Sequoia + Accel)
- Geordie AI: $6.5M seed (General Catalyst) — RSAC Innovation Sandbox winner
- AvePoint AgentPulse: First public company (28K customers) shipping multicloud agent governance
- Multiple stealth startups: $50M+ combined across seed rounds
Total Q1 2026 AI governance funding likely exceeds $500 million. The market has been validated. Now the question is who captures it.
The Vendor Scorecard
We evaluated each RSAC 2026 launch across five dimensions: cross-platform coverage (does it work beyond one ecosystem?), governance depth (policy enforcement vs. just monitoring), identity model (NHI handling), cost management (FinOps for agents), and enablement (does it help agents work better, or just restrict them?).
Tier 1: Purpose-Built AI Agent Governance
JetStream Security — SAIG Platform
| Dimension | Rating |
|---|---|
| Cross-Platform | Strong — discovers across SaaS, endpoints, cloud, APIs |
| Governance Depth | Strong — Blueprint-based drift detection, runtime monitoring |
| Identity | Strong — ABAC with owner binding |
| Cost Management | Strong — per-workflow cost tracking |
| Enablement | Weak — security-first, not enablement-focused |
What it does: AI Blueprints create dynamic graphs mapping every agent, model, tool, and identity in your environment. When behavior drifts from the approved blueprint, you see it immediately. Founded by CrowdStrike, SentinelOne, and McAfee veterans.
The gap: Security-first means it answers "are agents safe?" but not "are agents effective?" No cross-platform workforce management or ROI optimization. Read our full JetStream comparison →
AvePoint AgentPulse
| Dimension | Rating |
|---|---|
| Cross-Platform | Medium — multicloud but M365-heavy |
| Governance Depth | Strong — policy enforcement, compliance workflows |
| Identity | Medium — integrated with existing IAM |
| Cost Management | Medium — licensing optimization |
| Enablement | Medium — adoption tracking |
What it does: First publicly traded company (28,000 customers) shipping AI agent governance. Strong in Microsoft ecosystem governance with compliance workflows.
The gap: Built on AvePoint's M365 heritage. Multicloud positioning is new; depth outside Microsoft ecosystem remains unproven.
Geordie AI — Beam Platform
| Dimension | Rating |
|---|---|
| Cross-Platform | Medium — framework-agnostic runtime |
| Governance Depth | Strong — real-time context engineering |
| Identity | Weak — not identity-focused |
| Cost Management | Weak — not a focus |
| Enablement | Strong — performance optimization |
What it does: RSAC Innovation Sandbox winner. Real-time context engineering for AI agents — optimizes what agents see and how they reason. $6.5M seed from General Catalyst.
The gap: Layer 2 performance optimization, not Layer 3 workforce governance. Strong technology but narrow scope.
Tier 2: Security Vendors Adding AI Agent Features
CrowdStrike — Falcon AI Detection & Response (AIDR)
What launched: General availability of Falcon AIDR, plus AI agent discovery and shadow AI governance. New Falcon Data Security with AI-driven classification.
Assessment: CrowdStrike brings world-class endpoint detection to the AI agent problem. Agent discovery is real. But it governs agents visible to the Falcon sensor — custom agents running in cloud containers or third-party SaaS may fall outside coverage.
Cisco — DefenseClaw + Agent Runtime SDK
What launched: DefenseClaw (open source secure agent framework) and an Agent Runtime SDK that embeds policy enforcement into AWS Bedrock, Google Vertex, Microsoft Azure AI Foundry, and ServiceNow. Plus Zero Trust Access for agents via Cisco Duo IAM.
Assessment: Most ambitious cross-platform play from an incumbent. The Agent Runtime SDK embedding policy into four major cloud platforms is genuinely innovative. But it's an SDK — developers must adopt it, and existing agents aren't covered retroactively.
Palo Alto Networks — Prisma AIRS 3.0
What launched: Prisma AIRS 3.0 secures the agentic AI lifecycle, enabling enterprises to move from observation to safe autonomous execution.
Assessment: Strong lifecycle approach. But Prisma AIRS is part of the broader Palo Alto stack — governance is a feature, not the product. Enterprises already running Palo Alto benefit; others face a platform commitment to access AI governance.
SentinelOne — Purple AI Auto Investigation
What launched: One-click agentic investigation that shrinks multi-hour investigations to minutes. GA on the Singularity Platform.
Assessment: This is AI agents doing security, not governing other agents. Important technology but different category — it's a security AI tool, not an AI governance tool.
Tier 3: Identity and Compliance Players
Saviynt — Identity Control Plane for AI Agents
What launched: Cross-platform identity management covering Bedrock, Copilot Studio, Vertex, ServiceNow, and Salesforce. Fortune 500 clients including Hertz and UKG.
Assessment: Strong identity layer (Layer 2 NHI). Covers the "who is this agent?" question across platforms. But identity is one dimension of governance — it doesn't address effectiveness, ROI, or workforce management.
Oasis Security — NHI Platform
What launched: $120M Series B for non-human identity management. $195M total funding from Craft, Sequoia, and Accel. 5x ARR growth, Fortune 500 clients.
Assessment: The NHI category leader. If your primary problem is "which agents have which credentials and who owns them?" Oasis is the answer. But NHI is Layer 2 identity, not Layer 3 workforce governance.
1Password — Unified Access
What launched: Agent security platform for deploying AI agents without losing control of credentials, secrets, and machine identities. Discovery, security, and audit at the moment of access.
Assessment: Credential management for agents is a real gap. Strong for securing the access layer. But it's password/secret management extended to agents, not comprehensive governance.
Secure Code Warrior — SCW Trust Agent: AI
What launched: Commit-level visibility into which LLMs influenced code commits, correlated with vulnerability exposure. Also tracks active MCP servers to prevent unauthorized tool access.
Assessment: Niche but valuable — governs AI in the code pipeline specifically. Strong for DevSecOps teams. Not applicable to non-development AI agent use cases.
Rubrik — SAGE (Semantic AI Governance Engine)
What launched: SAGE powers the Rubrik Agent Cloud, governing and securing AI agents with semantic understanding of data access patterns.
Assessment: Interesting data-centric approach to agent governance. But Rubrik is a data security company — this governs agents from the data protection angle, not the workforce management angle.
Mimecast — Agent Risk Center
What launched: Preview of Agent Risk Center for runtime data security. Detects, governs, and remediates data exposure from both employees and agents.
Assessment: Email security vendor extending to agent risk. Narrow scope focused on data exposure, not comprehensive agent governance.
The Pattern Nobody Mentioned
Every vendor at RSAC 2026 launched AI agent governance for their own ecosystem.
- CrowdStrike governs agents visible to Falcon
- Cisco embeds governance into Bedrock, Vertex, Azure, ServiceNow
- Palo Alto governs agents within the Prisma stack
- AvePoint governs agents in the Microsoft ecosystem
- SentinelOne's Purple AI operates within Singularity
The average enterprise in 2026 runs AI agents across 3–5 platforms simultaneously. Copilot for productivity, Glean for search, ChatGPT Enterprise for general AI, plus custom agents on LangChain, CrewAI, or AutoGen. Each platform now has its own governance tool. None of them govern the intersections.
Who manages the agent that uses Copilot to draft, Glean to research, and a custom LangChain tool to execute — all in one workflow?
That's the Layer 3 problem. Every RSAC 2026 launch addressed Layer 2 (monitoring, identity, security within a platform). Nobody addressed Layer 3 (cross-platform workforce governance).
What This Means for Enterprise Buyers
The $392M funding wave validates the problem. AI agents need governance. That's settled.
What isn't settled: which layer of governance to buy first.
- If agents are being exploited or running unsecured: Start with Layer 2 security (JetStream, CrowdStrike AIDR, or your existing security vendor's new AI features)
- If you have credential chaos across non-human identities: Start with Layer 2 identity (Oasis Security, Saviynt, 1Password Unified Access)
- If agents are scattered across 3–5 platforms with no unified management: Start with Layer 3 workforce governance (iEnable)
Most enterprises will need all three layers eventually. The question is sequencing — and that depends on whether your AI agent problem is primarily a security problem, an identity problem, or a management problem.
The Funding Tells the Story
| Company | Funding | Layer | Focus |
|---|---|---|---|
| Oasis Security | $195M total | Layer 2 | Non-human identity |
| JetStream Security | $34M seed | Layer 2 | Runtime security monitoring |
| Geordie AI | $6.5M seed | Layer 2 | Context engineering / performance |
| AvePoint | Public company | Layer 2–3 | M365-first governance |
| Astrix Security | $45M+ total | Layer 2 | NHI security |
| iEnable | Bootstrapped | Layer 3 | Cross-platform workforce governance |
Layer 2 is well-funded. Layer 3 is wide open. Every dollar invested in Layer 2 security monitoring creates demand for Layer 3 workforce governance — because once you can see all your agents, you need to manage them.
What Happens Next
RSAC 2026 was the starting gun, not the finish line. Over the next 12 months:
- Consolidation: Several of these vendors will merge or be acquired. The market can't sustain 15+ point solutions for AI agent governance.
- Platform plays: CrowdStrike, Cisco, and Palo Alto will deepen their agent governance features, making it harder for startups to compete on Layer 2 security.
- Enterprise demand: Gartner's "Guardian Agents" category will formalize. RFPs for AI agent governance will become standard by Q4 2026.
- The Layer 3 gap: As enterprises deploy Layer 2 security and identity tools from 2–3 vendors, they'll discover nobody manages the cross-platform workforce. That's when Layer 3 becomes urgent.
Frequently Asked Questions
Which AI agent governance vendors launched at RSAC 2026?
Major launches included JetStream Security (SAIG platform, $34M), CrowdStrike (Falcon AIDR + agent discovery), Cisco (DefenseClaw + Agent Runtime SDK), Palo Alto Networks (Prisma AIRS 3.0), Saviynt (Identity Control Plane for AI Agents), 1Password (Unified Access), SentinelOne (Purple AI Auto Investigation), Secure Code Warrior (SCW Trust Agent: AI), Rubrik (SAGE), Mimecast (Agent Risk Center), and AvePoint (AgentPulse). Geordie AI won the RSAC Innovation Sandbox.
How much funding went into AI agent governance around RSAC 2026?
Over $392 million in the two weeks surrounding RSAC 2026, including Oasis Security's $120M Series B, JetStream Security's $34M seed, and Geordie AI's $6.5M seed. Total Q1 2026 AI governance funding likely exceeds $500 million.
What is the difference between Layer 2 and Layer 3 AI agent governance?
Layer 2 provides security monitoring, identity management, and runtime observability within specific platforms. Layer 3 provides cross-platform workforce governance — managing agents as a unified workforce regardless of which vendor or framework they run on. Most RSAC 2026 launches addressed Layer 2.
Do I need multiple AI agent governance vendors?
Most enterprises will need tools at multiple layers: security monitoring (Layer 2), identity management (Layer 2), and cross-platform workforce governance (Layer 3). The question is which layer to prioritize based on your most urgent problem — security, identity, or management.
Ready for Layer 3 governance?
Every RSAC vendor monitors agents within their ecosystem. iEnable governs the workforce across all of them.
Learn More About iEnable →