Article Mar 22, 2026 · iEnable Team · 18 min read

RSAC 2026: 7 AI Agent Governance Shifts That Change the CISO Playbook

$375M in funding, 3 acquisitions, and a ServiceNow-Microsoft alliance just reshaped AI agent governance at RSAC 2026. Here are the 7 shifts every CISO needs to act on this quarter.

← Back to Blog

📊 Market Intelligence

RSAC 2026: The AI Agent Governance Landscape — 7 Announcements Every CISO Must Track

📅 March 22, 2026 ⏱ 18 min

RSAC 2026 opens in days. The announcements have already started. Here’s the definitive guide to what’s happening in AI agent governance — and what it means for your enterprise.

In the 30 days before RSAC 2026, the AI agent governance space has seen more movement than the previous 12 months combined: $375 million in funding, three major acquisitions, and a partnership between the two largest enterprise software companies on Earth.

If you’re heading to San Francisco next week, you need context. If you’re not, you need it more.

This is not a session guide. This is a strategic intelligence briefing on the seven developments that will define enterprise AI agent governance for the rest of 2026.

1. CrowdStrike’s AI Operational Reality Manifesto

What: George Kurtz is keynoting RSAC 2026 with what CrowdStrike is calling the “AI Operational Reality Manifesto” — a framework for how enterprises should think about AI agent security in production, not theory.

Why it matters: CrowdStrike is the most trusted brand in endpoint security. When Kurtz puts AI agent security on the main stage, it moves from a niche concern to a board-level priority overnight. This is the moment the CISO community formally acknowledges that governing AI agents requires a fundamentally different approach than governing AI models.

What to watch for: Whether CrowdStrike positions agent governance as a feature of their existing platform (defensive play) or as a new category requiring new tools (which validates every startup in the space). The distinction matters — if CrowdStrike says “we’ve got this covered,” the market contracts. If they say “this requires new approaches,” the market expands.

iEnable take: CrowdStrike’s DNA is security — detect, prevent, respond. AI agent governance is broader: it includes authorization, cost management, compliance, and organizational readiness. The manifesto will likely focus on the security slice, leaving the governance gap wide open.

2. Geordie AI: RSAC Innovation Sandbox Top 10 Finalist

What: Geordie AI was named an Innovation Sandbox Top 10 finalist — the most prestigious startup showcase in cybersecurity. Their pitch: an agent-native security platform for real-time discovery, behavior monitoring, and risk control of AI agents.

Why it matters: The Innovation Sandbox is where CrowdStrike, Phantom (now Splunk SOAR), and Armis first gained visibility. Getting selected means the RSAC committee sees AI agent security as a category worthy of showcase — not a subcategory of something else.

What to watch for: Geordie AI’s specific technical approach. “Agent-native” suggests they’ve built from the ground up for autonomous systems rather than retrofitting existing security tools. Their emphasis on “real-time discovery” addresses what every enterprise struggles with: they don’t even know how many AI agents they have running.

The market signal: When RSAC’s Innovation Sandbox validates a category, VC funding follows within 90 days. Expect $50–100M+ in new agent governance startup funding by June 2026.

3. ServiceNow + Microsoft Agent 365: The Platform-Native Alliance

What: ServiceNow’s AI Control Tower now integrates with Microsoft Agent 365, Copilot Studio, and Microsoft Foundry for unified oversight. This means the two largest enterprise software platforms have connected their agent governance layers.

Why it matters: This is the most consequential partnership in the agent governance space. ServiceNow manages IT workflows for 85% of the Fortune 500. Microsoft runs the productivity stack for most of the same companies. Together, they’re building a governance moat that covers the majority of enterprise AI agent deployments.

The gap they leave open: Platform-native governance works when all your agents run on ServiceNow + Microsoft. In reality, enterprises deploy agents across Salesforce, AWS Bedrock, Google Cloud, custom frameworks, and open-source tools. The ServiceNow + Microsoft alliance governs their ecosystem. Everything outside it is ungoverned.

For CISOs: If your entire AI agent portfolio runs on ServiceNow + Microsoft, this integration may be sufficient. If you have agents on even one other platform — and you almost certainly do — you need a cross-platform governance layer.

4. SentinelOne Acquires Prompt Security: Shadow AI Gets Real

What: SentinelOne signed the acquisition of Prompt Security, a startup focused on shadow AI discovery and GenAI governance. Their Purple AI product already has a 40% attach rate across the SentinelOne customer base.

Why it matters: “Shadow AI” — unauthorized AI agents and models deployed without IT or security approval — has moved from conference-talk buzzword to acquisition thesis. SentinelOne didn’t buy Prompt Security for the technology alone. They bought it because shadow AI discovery is what their customers are asking for.

The numbers: In enterprises with 1,000+ employees, the average number of unsanctioned AI tools in use is estimated at 40–60 per company. Now add autonomous agents that can take actions, access data, and create accounts — without anyone in security knowing they exist. Shadow AI agents are shadow IT with agency.

What this means for governance: Discovery is step one. You can’t govern what you can’t see. SentinelOne is betting that the path to AI agent governance starts with finding all the agents first. They’re right — but discovery without policy enforcement is just a more detailed inventory of your risk.

5. IBM Completes $11 Billion Confluent Acquisition

What: IBM closed its $11 billion acquisition of Confluent on March 17, 2026 — adding real-time data streaming to the watsonx platform.

Why it matters for governance: No other AI governance vendor now has a real-time data layer. IBM’s watsonx.governance can now monitor what data AI agents access, process, and act on — in real time, at scale. This is a structural advantage that no startup can replicate without their own streaming infrastructure.

The RSAC angle: IBM will almost certainly showcase watsonx.governance + Confluent integration at RSAC. The pitch will be: “We don’t just govern what agents do. We govern the data they touch, in real time.”

The limitation: IBM’s governance is IBM-ecosystem governance. watsonx.governance works brilliantly for agents built on IBM infrastructure. For the 80% of enterprise AI agents running on other platforms, IBM offers monitoring — not control.

6. $375 Million in Agent Governance Funding — In One Month

What: March 2026 alone has seen:

Why it matters: $375M+ in a single month isn’t investment — it’s a land grab. VCs are betting that AI agent governance will be as large as the cloud security market was in 2018. The parallels are striking: new infrastructure category, enterprises deploying faster than security can keep up, regulatory pressure building.

JetStream’s DNA matters: Founded by ex-CrowdStrike leaders, JetStream raised the largest seed round in the category. When CrowdStrike alumni start a governance company and raise $34M on day one, it signals that the people who built modern endpoint security see AI agents as the next platform shift requiring a fundamentally new approach.

What to watch at RSAC: At least three of these companies will have significant booth presence. Watch for which ones announce design partnerships with Fortune 500 companies — that’s the real signal, not the funding amount.

7. Bedrock Data: Governing What AI Agents Know

What: Bedrock Data is leading RSAC sessions focused on governing the data that AI agents access, process, and act on — a governance layer that sits between the agent and its data sources.

Why it matters: Most governance frameworks focus on what agents do (actions, outputs, decisions). Bedrock Data is attacking the problem from the other direction: what agents know. If you can control an agent’s access to data — what it can see, what it can retrieve, what context it operates with — you can prevent most governance failures before they happen.

The insight for CISOs: Data governance for AI agents is not the same as data governance for humans. An agent with read access to a customer database doesn’t browse it like an employee would. It can process every record, find every pattern, and act on every data point — in seconds. The volume and speed of agent data access breaks traditional DLP (Data Loss Prevention) approaches.

What This All Means: The Three Governance Camps

RSAC 2026 will reveal that the AI agent governance market has split into three distinct camps:

Camp 1: Platform-Native Governance

Players: ServiceNow AI Control Tower, Microsoft Agent 365, Salesforce Agentforce Shield Approach: Govern agents within their ecosystem Strength: Deep integration, existing customer relationships Weakness: Stops at the ecosystem boundary. Doesn’t see agents on other platforms.

Camp 2: Security-First Governance

Players: CrowdStrike, SentinelOne, Geordie AI, JetStream, Zenity Approach: Discover, monitor, and secure agents from a security operations perspective Strength: Threat detection expertise, SOC integration, incident response Weakness: Governance is more than security. Cost management, compliance, organizational readiness, and workforce transformation are outside the security frame.

Camp 3: Cross-Platform Workforce Governance

Players: iEnable, Wayfound, Singulr AI Approach: Govern the entire AI agent workforce — across platforms, across use cases, across the full lifecycle Strength: Vendor-neutral, enterprise-wide visibility, addresses governance holistically Weakness: Smaller than the platform and security incumbents. Must prove that cross-platform governance is more valuable than ecosystem-specific governance.

The Bottom Line for CISOs

If you’re going to RSAC, here’s your framework:

  1. Accept that single-platform governance won’t work. Even if 80% of your agents run on Microsoft, the 20% that don’t are where your risk lives.

  2. Shadow AI agents are your biggest blind spot. SentinelOne’s acquisition proves the market agrees. Start with discovery.

  3. Don’t confuse agent security with agent governance. Security is one layer. Governance includes authorization, compliance, cost control, organizational readiness, and cross-platform visibility.

  4. Watch the money. $375M in March funding means the tools you need will exist within 12 months. But the governance policies you need must be built now — tools alone won’t save you.

  5. The EU AI Act deadline is August 2. Every agent making decisions that affect EU citizens must be governable, auditable, and explainable. RSAC is your last major industry event before that deadline.

iEnable’s RSAC Coverage

We’ll be covering every major announcement, session, and product launch through the lens of AI agent governance. Follow our Market Intelligence feed for real-time analysis.

iEnable provides cross-platform AI agent governance — giving enterprises visibility and control over their entire AI workforce, regardless of where agents are built or deployed. Learn more →

Related reading: