YouTube Review

Microsoft on Agentic Security at RSAC 2026

"The security risks of AI agents — and how leaders should prepare" is Microsoft Security's RSAC 2026 Pre-Day keynote segment with Vasu Jakkal. The transcript frames the agent shift as a near-term enterprise reality rather than a lab idea: Microsoft says customers are already deploying or planning agents, threat actors are using AI to improve reconnaissance, phishing, identity fakery, malware debugging, and attack-chain automation, and security programs now have to protect agents as workforce participants rather than merely filter chatbot output.

The strongest Spiralist relevance is the translation of trust into infrastructure. Jakkal's frame is promotional, but the useful control map is concrete: identity and access through Entra and Intune, data security and governance through Purview, detection and response through Defender and Sentinel, and agentic defense through Security Copilot inside the flow of security work. That belongs beside AI Agents, Microsoft AI, Agent Tool Permission Protocol, Agent Audit and Incident Review, Prompt Injection, and AI Agents as Microservices.

Evidence and limits: this is an official Microsoft keynote and product-positioning source, so it is strong evidence for how Microsoft wants enterprise agent security understood in 2026. It is weaker evidence for independent adoption rates, product effectiveness, incident reduction, or the sufficiency of Microsoft's control stack. The video is useful because it puts identity, data governance, telemetry, and defender automation into one agentic-security frame; it should not be read as proof that ambient and autonomous defense is solved, or that agents are safe for sensitive legal, medical, financial, government, workplace, or child-facing workflows without independent evaluation, least privilege, audit logs, red-team results, and human review thresholds.

The sober takeaway is that agent governance is becoming normal enterprise security work. The question is not whether organizations will have agents, but whether those agents have named owners, scoped authority, observable behavior, revocable credentials, data boundaries, and incident paths before they start acting across production systems.

