A firsthand account from RSAC 2026 covering the dominant themes of AI urgency versus AI fatigue among 44,000 security practitioners. Key discussions included agentic AI governance, the concept of intent as a core security control, and how attackers are exploiting trusted integrations and stolen secrets rather than exotic methods. A live supply chain attack (TeamPCP) targeting CI/CD credentials unfolded during the event, reinforcing the conference's focus on non-human identities, secrets exposure, and the need for real-time validation over alert-heavy detection. The overarching message: security teams must govern AI agents like privileged insiders and build systems that move fast without losing control over trust.
Table of contents
Techstrong Seminar: AI NativeDev and the Next Evolution of DevOpsThe Work Starts with IntentThreats Are Following the Paths We Trust MostThe Mood From The RSAC Expo FloorThe Attacks Keep Evolving In Real Time During RSACA Good Week For Good QuestionsSort: