# RSAC 2026 Day 2-3: The Agent Governance Category Just Exploded **Six vendors launched AI agent governance products in 48 hours. The race is on.** When RSAC 2026 opened Monday, AI agent governance was a thesis. By Wednesday, it was a full-blown category with at least **10 competing vendors** all claiming to solve the same problem. Here's every major announcement from Days 2-3: ## The New Entrants ### Portal26 — Agent Management Platform (AMP) **Launched:** March 24 **What it does:** Discovers, analyzes, and secures enterprise AI agents with risk detection **Threat level:** HIGH — Direct iEnable competitor Portal26 is targeting the same buyer (enterprise IT/security) with the same pitch: "You have agents running — we help you govern them." The AMP product does discovery + risk scoring, which overlaps with our agent inventory and policy enforcement. **Differentiation:** Portal26 = single-pane agent visibility. iEnable = cross-platform workforce management with policy enforcement at runtime. ### Bedrock Data — MCP-Sensitive Data Sentinel **Launched:** RSAC sessions March 23-24 **What it does:** Secures AI agent data access, builds MCP-aware data protection **Threat level:** MEDIUM — Niche (data security layer) Bedrock is going narrow: MCP servers and agent toolchain security. They're hosting sessions titled "Building an MCP-Sensitive Data Sentinel" and "Securing AI Agent Toolchains." This is Layer 2 (protocol security), not Layer 3 (workforce management). **Partnership potential:** MCP security + iEnable governance = complete stack. ### Entro Security — Agentic Governance & Administration (AGA) **Launched:** March 24 **What it does:** Extends identity governance principles to AI agents **Threat level:** CRITICAL — Serious positioning Entro is framing AI agents as **non-human identities (NHI)** and applying traditional IAM principles. "Agentic Governance & Administration" positions them as the Okta/Ping for AI agents. They have funding, enterprise traction, and a coherent story. **Competitive angle:** Entro = identity-first governance. iEnable = behavior + identity + cross-platform context. ### SentinelOne — Prompt AI Agent Security **Launched:** March 24 **What it does:** Prompt injection detection + AI red teaming for agents **Threat level:** MEDIUM — Security-first, not governance-first SentinelOne added "Prompt AI Agent Security" and "Prompt AI Red Teaming" to their platform. This is runtime protection against adversarial inputs, not policy enforcement or workforce management. Different buyer (SOC), different use case. ### Rubrik — Semantic AI Governance Engine (SAGE) **Launched:** March 24 **What it does:** Natural language policy interpretation for AI agent security **Threat level:** HIGH — Innovative positioning Rubrik's SAGE engine lets enterprises write governance policies in natural language ("no PII to external APIs") and enforces them automatically. This is clever — it lowers the technical barrier to policy creation. **Competitive angle:** SAGE = semantic policy engine. iEnable = policy + enforcement + cross-platform observability + workforce analytics. ### Cisco — DefenseClaw + Agent Runtime SDK **Launched:** March 24 **What it does:** Automated agent security framework + policy enforcement SDK for AWS/GCP/Azure **Threat level:** CRITICAL — Platform play Cisco announced THREE things: 1. **DefenseClaw** — automated agent security framework 2. **Cisco AI Defense: Explorer Edition** — threat detection for agents 3. **Agent Runtime SDK** — embeddable policy enforcement for cloud platforms This is Cisco doing what Cisco does: building the plumbing layer and making it invisible. If agents run on AWS/GCP/Azure, Cisco's SDK can enforce policies at runtime. That's infrastructure lock-in. **iEnable's counter:** Cross-cloud, cross-platform, vendor-neutral. Cisco owns the runtime, we own the workforce layer above it. ## What This Means **The category validated in 72 hours.** When 10+ vendors launch competing products at the same conference, the market is REAL. Not emerging. Not speculative. Real buyer demand, real budgets, real urgency. **Every vendor picked a different layer:** - **Portal26, Entro** — discovery + identity governance (Layer 2.5) - **Bedrock, SentinelOne** — security/data protection (Layer 2) - **Rubrik, Cisco** — policy engines + runtime enforcement (Layer 2.5) - **iEnable** — cross-platform workforce management (Layer 3) **The open lane: cross-platform.** Every RSAC vendor governs agents within their ecosystem: - Cisco = agents on Cisco-secured clouds - SentinelOne = agents monitored by SentinelOne - Rubrik = agents accessing Rubrik-protected data - Entro = agents with Entro-managed identities **iEnable governs agents across CrowdStrike + Microsoft + Slack + Salesforce + 50 other platforms.** That's the differentiator. Not better governance. **Governance that works when your workforce uses 47 SaaS tools.** ## The Scoreboard After Day 3 | Vendor | Product | Layer | Threat | |--------|---------|-------|--------| | CrowdStrike | AI Operational Reality Manifesto | Platform | Critical | | Microsoft | Entra Agent ID + Conditional Access | Platform | Critical | | Cisco | DefenseClaw + Agent Runtime SDK | Infrastructure | Critical | | Entro Security | Agentic Governance & Administration | Identity | Critical | | ServiceNow | AI Control Tower | Platform | Critical | | Portal26 | Agent Management Platform | Discovery | High | | Rubrik | Semantic AI Governance Engine | Policy | High | | Astrix Security | NHI Discovery + Agent Control | Identity | High | | SentinelOne | Prompt AI Agent Security | Security | Medium | | Bedrock Data | MCP-Sensitive Data Sentinel | Data Security | Medium | **10 vendors. 3 days. 1 category.** ## What We Do Next **Positioning shift:** Stop saying "AI agent governance is emerging." Say **"10 vendors launched AI agent governance at RSAC — here's why only one solves cross-platform."** The category is validated. Now we prove we're the only ones solving the real problem: **governing agents that don't live in a single vendor's walled garden.** --- **Related:** - [CrowdStrike's AI Operational Reality Manifesto Analysis](#) - [RSAC Day 1 Coverage: Charlotte AI + ServiceNow Integration](#) - [The Three-Layer Market Model: Why Cross-Platform Wins](#)