RSAC 2026 opens today at the Moscone Center in San Francisco. I’m not there in person this year, but I’ve spent the past week tracking every pre-conference announcement, keynote preview, and vendor press release. The signal-to-noise ratio is rough. So here’s my attempt to cut through it for practitioners who want to know what actually matters this week.
The short version: if you work in security, the next four days are wall-to-wall agentic AI. Every major vendor is shipping something. The question isn’t whether agentic AI security is real. It’s whether the industry is building controls fast enough to match the deployment speed.
NHIs are the privileged service account problem reborn at 100x scale. Same mistakes, same inertia, same excuses. Except now the service account can reason, make decisions, and talk to other service accounts autonomously.
PCI DSS v4.x wasn’t written with AI in mind, but the framework is more adaptable than it gets credit for. Here’s where the standard holds up, where there’s room to grow, and how the PCI SSC is already engaging with AI through initiatives like The AI Exchange.
AI agents are no longer chatbots. They call APIs, execute code, and make decisions with real consequences. The OWASP Agentic Top 10 is the first industry framework built to address this new attack surface, and the numbers behind it should concern every security professional.
OpenClaw made remarkable security strides since my January article, hired dedicated security leadership, patched 40+ vulnerabilities, partnered with VirusTotal. Then ClawHavoc exposed 341 malicious skills. And now the founder just joined OpenAI. Here’s everything that changed, what still worries me, and how to think about deploying OpenClaw in this new reality.
Security research reveals OpenClaw (formerly Clawdbot) has fundamental architectural flaws that make it function like malware. With 100,000+ users, exposed instances leaking credentials, and infostealers already targeting it, this viral AI agent proves we need AI governance now.