{"id":107906,"date":"2026-03-26T18:02:10","date_gmt":"2026-03-26T16:02:10","guid":{"rendered":"https:\/\/staging.checkmarx.com\/?p=107906"},"modified":"2026-03-30T10:57:05","modified_gmt":"2026-03-30T08:57:05","slug":"rsac-2026-marked-a-turning-point-for-appsec-the-reason-agentic-security","status":"publish","type":"post","link":"https:\/\/checkmarx.com\/blog\/rsac-2026-marked-a-turning-point-for-appsec-the-reason-agentic-security\/","title":{"rendered":"RSAC 2026 Marked a Turning Point for AppSec. The Reason \u2013 Agentic Security\u00a0"},"content":{"rendered":"<p>RSAC 2026 Marked a Turning Point for AppSec. The Reason \u2013 Agentic Security&nbsp;<\/p>\n\n\n\n<p>RSA Conference 2026 has just wrapped in San Francisco.&nbsp;<\/p>\n\n\n\n<p>If&nbsp;you\u2019ve&nbsp;been to enough of these events, you know that while&nbsp;they\u2019re&nbsp;valuable for innovation, connection, and hearing where the industry is headed, they tend to blend into&nbsp;the collective memory of past events&nbsp;after a couple&nbsp;months,&nbsp;with little to distinguish them.&nbsp;<\/p>\n\n\n\n<p><strong>But then&nbsp;there\u2019s&nbsp;the 1%.<\/strong>&nbsp;<\/p>\n\n\n\n<p>The rare moment you recognize&nbsp;immediately&nbsp;when something shifts.&nbsp;<br>Not a gradual step forward, but a leap.&nbsp;When what felt experimental or theoretical suddenly becomes real.&nbsp;<\/p>\n\n\n\n<p><strong>RSAC 2026 felt like one of those moments.<\/strong>&nbsp;<\/p>\n\n\n\n<p>What set this year apart was&nbsp;the emergence of&nbsp;<strong>Agentic AppSec<\/strong>, not as an idea or&nbsp;an&nbsp;experiment,&nbsp;but rather an&nbsp;operational reality&nbsp;already being adopted and executed, as part of&nbsp;the&nbsp;growing recognition that AI-driven development is fundamentally reshaping the software lifecycle&nbsp;\u2013&nbsp;into&nbsp;<a href=\"https:\/\/checkmarx.com\/ai-llm-tools-in-application-security\/goodbye-sdlc-hello-adlc-how-will-appsec-adapt\/\" target=\"_blank\" rel=\"noreferrer noopener\">Agentic Development&nbsp;Lifecycle&nbsp;(ADLC)<\/a>&nbsp;&#8211;&nbsp;&nbsp;and&nbsp;security models that must&nbsp;evolve to&nbsp;support it.&nbsp;<\/p>\n\n\n\n<h2 class=\"wp-block-heading article-anchor\" id=\"article-anchor-1\">\n<strong>What Defined This Turning Point&nbsp;in RSAC 2026<\/strong>&nbsp;<\/h2>\n\n\n\n<p>To understand why RSAC 2026 felt so unique, it helps to take a closer look at the themes that consistently&nbsp;emerged&nbsp;across the event.&nbsp;<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">From Assistive AI \u2192 Autonomous (Agentic) Security&nbsp;<\/h3>\n\n\n\n<p>The biggest shift:&nbsp;Agents&nbsp;have grown to be&nbsp;more than&nbsp;\u2018assistants\u2019. Security is no longer just&nbsp;assisted&nbsp;by&nbsp;AI&nbsp;&#8211;&nbsp;AI agents increasingly execute it.&nbsp;<\/p>\n\n\n\n<p>Agents are moving from copilots to decision-makers&nbsp;who&nbsp;can investigate, triage, and act.&nbsp;The industry is transitioning from human-paced workflows to&nbsp;<strong>machine-speed security operations<\/strong>.&nbsp;<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">\u201cSecurity for AI\u201d and \u201cSecurity by AI\u201d Converge&nbsp;<\/h3>\n\n\n\n<p>A major theme across sessions:&nbsp;<\/p>\n\n\n\n<p>Organizations must secure AI systems (LLMs, agents, MCPs),&nbsp;while simultaneously using AI to secure software and pipelines.&nbsp;<\/p>\n\n\n\n<p>AppSec is now responsible for both sides of the equation:&nbsp;<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Protecting AI-generated code and AI components&nbsp;&nbsp;<\/li>\n<\/ul>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Using agents to secure the SDLC,&nbsp;and increasingly, the ADLC&nbsp;<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">The Rise of the Agentic Development Lifecycle (ADLC)&nbsp;<\/h3>\n\n\n\n<p>AI is reshaping how software is written, reviewed, and deployed.&nbsp;Security must adapt to a lifecycle where agents generate,&nbsp;modify, and ship code.&nbsp;<\/p>\n\n\n\n<p><strong>AppSec implication:<\/strong>&nbsp;<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Security shifts from left \u2192&nbsp;<strong>everywhere<\/strong>&nbsp;&nbsp;<\/li>\n<\/ul>\n\n\n\n<ul class=\"wp-block-list\">\n<li>From reactive \u2192&nbsp;<strong>embedded into autonomous workflows<\/strong>&nbsp;&nbsp;<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Explosion of AI Supply Chain Risk&nbsp;<\/h3>\n\n\n\n<p>RSAC highlighted growing concern around the security risks introduced by new supply chain components and dependencies, such as LLMs, agents, MCP servers, plugins, and AI SDKs.&nbsp;<\/p>\n\n\n\n<p>There is a clear need for visibility (AI-BOM), provenance, and trust in AI components.&nbsp;<\/p>\n\n\n\n<p><strong>AppSec implication:<\/strong>&nbsp;<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>SBOM is evolving into&nbsp;<strong>AI-BOM<\/strong>&nbsp;&nbsp;<\/li>\n<\/ul>\n\n\n\n<ul class=\"wp-block-list\">\n<li>You now secure not just code dependencies, but AI dependencies&nbsp;&nbsp;<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">\n<strong>AI-Native Security Vendors vs. Legacy Players<\/strong>&nbsp;<\/h3>\n\n\n\n<p>There\u2019s&nbsp;a clear market shift:&nbsp;<\/p>\n\n\n\n<p>The rise of AI-native security companies&nbsp;is&nbsp;challenging traditional vendors.&nbsp;Winning platforms are being rebuilt&nbsp;from the ground up&nbsp;as AI-first, not AI-enhanced.&nbsp;<\/p>\n\n\n\n<p><strong>AppSec implication:<\/strong>&nbsp;<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Expect consolidation around platforms that embed agents deeply&nbsp;&nbsp;<\/li>\n<\/ul>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Not bolt-on AI features&nbsp;&nbsp;<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">\n<strong>Trust, Governance, and Identity Become Foundational<\/strong>&nbsp;<\/h3>\n\n\n\n<p>As agents act autonomously, the question becomes:&nbsp;<\/p>\n\n\n\n<p>Who authorized the agent? What can it do?&nbsp;<\/p>\n\n\n\n<p>Identity and governance are now core security primitives, not add-ons.&nbsp;<\/p>\n\n\n\n<p><strong>AppSec implication:<\/strong>&nbsp;<\/p>\n\n\n\n<p>Security must enforce:&nbsp;<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Agent identity&nbsp;&nbsp;<\/li>\n<\/ul>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Policy boundaries&nbsp;&nbsp;<\/li>\n<\/ul>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Auditability of decisions&nbsp;&nbsp;<\/li>\n<\/ul>\n\n\n\n<p>Taken together, these themes highlight a clear gap: traditional AppSec approaches were not designed for an agentic development lifecycle.&nbsp;<\/p>\n\n\n\n<p><strong>That gap \u2014 and how to close it \u2014 was a central focus of what we introduced, as it raised the question:<\/strong>&nbsp;how do you secure an&nbsp;ecosystem&nbsp;that is&nbsp;agent-driven&nbsp;as much, if not more,&nbsp;than human-driven?&nbsp;&nbsp;<\/p>\n\n\n\n<p>At RSAC 2026, we introduced&nbsp;our new&nbsp;capabilities designed to address exactly that.&nbsp;<\/p>\n\n\n\n<figure class=\"wp-block-image size-full is-resized\"><img decoding=\"async\" width=\"930\" height=\"673\" src=\"https:\/\/checkmarx.com\/wp-content\/uploads\/2026\/03\/CX-RSAC-1.webp\" alt=\"\" class=\"wp-image-107932\" style=\"aspect-ratio:1.3818985682338123;width:601px;height:auto\" srcset=\"https:\/\/checkmarx.com\/wp-content\/uploads\/2026\/03\/CX-RSAC-1.webp 930w, https:\/\/checkmarx.com\/wp-content\/uploads\/2026\/03\/CX-RSAC-1-300x217.webp 300w, https:\/\/checkmarx.com\/wp-content\/uploads\/2026\/03\/CX-RSAC-1-768x556.webp 768w, https:\/\/checkmarx.com\/wp-content\/uploads\/2026\/03\/CX-RSAC-1-808x585.webp 808w, https:\/\/checkmarx.com\/wp-content\/uploads\/2026\/03\/CX-RSAC-1-400x289.webp 400w\" sizes=\"(max-width: 930px) 100vw, 930px\" \/><\/figure>\n\n\n\n<h2 class=\"wp-block-heading article-anchor\" id=\"article-anchor-2\">\n<strong>Securing the Agentic Development Lifecycle<\/strong>&nbsp;<\/h2>\n\n\n\n<p>At RSA this year,&nbsp;Checkmarx&nbsp;<a href=\"https:\/\/checkmarx.com\/rsac-2026\/\" target=\"_blank\" rel=\"noreferrer noopener\">unveiled<\/a>&nbsp;a new set of innovations designed to secure the&nbsp;ADLC:&nbsp;<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Expansion of&nbsp;the&nbsp;Checkmarx&nbsp;Assist family of agents&nbsp;<\/h3>\n\n\n\n<p>Building on&nbsp;<a href=\"https:\/\/checkmarx.com\/product\/developer-assist\/\" target=\"_blank\" rel=\"noreferrer noopener\">Checkmarx&nbsp;Developer Assist<\/a>, we introduced two new agents:&nbsp;<a href=\"https:\/\/checkmarx.com\/product\/triage-and-remediation\/\" target=\"_blank\" rel=\"noreferrer noopener\"><strong>Triage Assist<\/strong>&nbsp;and&nbsp;<strong>Remediation Assist<\/strong><\/a><strong>,&nbsp;<\/strong>designed to secure the critical post-commit phase. These agents help teams quickly prioritize real risks and fix them efficiently within pull requests (PR), reducing noise and accelerating secure code delivery.&nbsp;<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Introducing&nbsp;Checkmarx&nbsp;AI Supply Chain Security&nbsp;<\/h3>\n\n\n\n<p>As organizations increasingly build with AI components,&nbsp;an entirely new layer is introduced into the supply chain, requiring dedicated security to address its unique challenges and risks.&nbsp;<\/p>\n\n\n\n<p>Checkmarx&nbsp;AI&nbsp;Supply Chain Security&nbsp;provides&nbsp;<strong>full visibility and risk assessment across the AI stack<\/strong>. With a centralized inventory and AI-BOM covering MCP servers, LLMs, AI agents, SDKs, and more, teams can move fast with AI, without losing control over security.&nbsp;<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">SAST AI and DAST for AI&nbsp;&nbsp;<\/h3>\n\n\n\n<p>Checkmarx&nbsp;enhanced its two core security engines to support AI-powered SAST scanning across&nbsp;virtually any&nbsp;programming language, helping organizations future-proof their technology adoption. In parallel, we strengthened our DAST engine to deliver runtime protection aligned with the realities of AI-driven and \u201cvibe coding\u201d development.&nbsp;<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Risk Orchestration within ASPM&nbsp;<\/h3>\n\n\n\n<p>Checkmarx&nbsp;also announced a new and enhanced risk management and visibility solution&nbsp;across applications, projects, and repositories to improve decision-making, reduce noise, and highlight critical vulnerabilities.&nbsp;<\/p>\n\n\n\n<p>Agent identity&nbsp;<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Policy boundaries&nbsp;<\/li>\n<\/ul>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Auditability of decisions&nbsp;<\/li>\n<\/ul>\n\n\n\n<p>the tooling landscape must evolve to keep pace with the speed of AI-driven development. The shift is no longer about \u201cAI in AppSec,\u201d but about AppSec itself becoming&nbsp;an entirely different paradigm &#8211;&nbsp;agentic, autonomous, and continuous by design.&nbsp;<\/p>\n\n\n\n<figure class=\"wp-block-image size-full is-resized\"><img decoding=\"async\" width=\"922\" height=\"687\" src=\"https:\/\/checkmarx.com\/wp-content\/uploads\/2026\/03\/CX-RSAC-2.webp\" alt=\"\" class=\"wp-image-107933\" style=\"aspect-ratio:1.342087525276481;width:642px;height:auto\" srcset=\"https:\/\/checkmarx.com\/wp-content\/uploads\/2026\/03\/CX-RSAC-2.webp 922w, https:\/\/checkmarx.com\/wp-content\/uploads\/2026\/03\/CX-RSAC-2-300x224.webp 300w, https:\/\/checkmarx.com\/wp-content\/uploads\/2026\/03\/CX-RSAC-2-768x572.webp 768w, https:\/\/checkmarx.com\/wp-content\/uploads\/2026\/03\/CX-RSAC-2-785x585.webp 785w, https:\/\/checkmarx.com\/wp-content\/uploads\/2026\/03\/CX-RSAC-2-400x298.webp 400w\" sizes=\"(max-width: 922px) 100vw, 922px\" \/><\/figure>\n\n\n\n<h2 class=\"wp-block-heading article-anchor\" id=\"article-anchor-3\">Closing Notes&nbsp;<\/h2>\n\n\n\n<p>The idea that \u201cAppSec is becoming agentic\u201d goes beyond a shift in tooling \u2014 it reflects a fundamentally&nbsp;different way&nbsp;of working with and understanding application security.&nbsp;<\/p>\n\n\n\n<p><strong>AppSec is changing its DNA.<\/strong>&nbsp;<\/p>\n\n\n\n<p>That is why, compared to 2025, this year\u2019s event was overwhelmingly focused on AI and Agentic Application Security, with a clear emphasis on how&nbsp;<\/p>","protected":false},"excerpt":{"rendered":"<p>RSAC 2026 Marked a Turning Point for AppSec. The Reason \u2013 Agentic Security&nbsp; RSA Conference 2026 has just wrapped in San Francisco.&nbsp; If&nbsp;you\u2019ve&nbsp;been to enough of these events, you know that while&nbsp;they\u2019re&nbsp;valuable for innovation, connection, and hearing where the industry is headed, they tend to blend into&nbsp;the collective memory of past events&nbsp;after a couple&nbsp;months,&nbsp;with little [&hellip;]<\/p>\n","protected":false},"author":143,"featured_media":107921,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[1284,85,84,1424,1283],"tags":[1510,1272,1509,1506,1507,1508],"class_list":["post-107906","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-ai-llm-tools-in-application-security","category-application-security-trends","category-blog","category-checkmarx-one","category-checkmarx-product-use-cases-guides","tag-adlc","tag-agentic-ai","tag-agentic-appsec","tag-conferences","tag-rsac","tag-rsac-2026"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.1.1 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>RSAC 2026 Marked a Turning Point for AppSec. The Reason \u2013 Agentic Security\u00a0<\/title>\n<meta name=\"description\" content=\"Agentic security took center stage at RSAC 2026. Explore the key themes that defined the event and what they mean for securing the AI development lifecycle\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/checkmarx.com\/blog\/rsac-2026-marked-a-turning-point-for-appsec-the-reason-agentic-security\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"RSAC 2026 Marked a Turning Point for AppSec. The Reason \u2013 Agentic Security\u00a0\" \/>\n<meta property=\"og:description\" content=\"Agentic security took center stage at RSAC 2026. Explore the key themes that defined the event and what they mean for securing the AI development lifecycle\" \/>\n<meta property=\"og:url\" content=\"https:\/\/checkmarx.com\/blog\/rsac-2026-marked-a-turning-point-for-appsec-the-reason-agentic-security\/\" \/>\n<meta property=\"og:site_name\" content=\"Checkmarx\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/Checkmarx.Source.Code.Analysis\" \/>\n<meta property=\"article:published_time\" content=\"2026-03-26T16:02:10+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2026-03-30T08:57:05+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/checkmarx.com\/wp-content\/uploads\/2026\/03\/Blog-Banner-1-1.webp\" \/>\n\t<meta property=\"og:image:width\" content=\"2560\" \/>\n\t<meta property=\"og:image:height\" content=\"1280\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/webp\" \/>\n<meta name=\"author\" content=\"Eran Kinsbruner\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@checkmarx\" \/>\n<meta name=\"twitter:site\" content=\"@checkmarx\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Eran Kinsbruner\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"5 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/checkmarx.com\/blog\/rsac-2026-marked-a-turning-point-for-appsec-the-reason-agentic-security\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/checkmarx.com\/blog\/rsac-2026-marked-a-turning-point-for-appsec-the-reason-agentic-security\/\"},\"author\":{\"name\":\"Eran Kinsbruner\",\"@id\":\"https:\/\/checkmarx.com\/#\/schema\/person\/0e5df47a6fb9c1bc0e0b31ef6cfd41fa\"},\"headline\":\"RSAC 2026 Marked a Turning Point for AppSec. The Reason \u2013 Agentic Security\u00a0\",\"datePublished\":\"2026-03-26T16:02:10+00:00\",\"dateModified\":\"2026-03-30T08:57:05+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/checkmarx.com\/blog\/rsac-2026-marked-a-turning-point-for-appsec-the-reason-agentic-security\/\"},\"wordCount\":1088,\"publisher\":{\"@id\":\"https:\/\/checkmarx.com\/#organization\"},\"image\":{\"@id\":\"https:\/\/checkmarx.com\/blog\/rsac-2026-marked-a-turning-point-for-appsec-the-reason-agentic-security\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/checkmarx.com\/wp-content\/uploads\/2026\/03\/Blog-Banner-1-1.webp\",\"keywords\":[\"ADLC\",\"Agentic AI\",\"Agentic AppSec\",\"conferences\",\"RSAC\",\"RSAC 2026\"],\"articleSection\":[\"AI &amp; LLM Tools in Application Security\",\"Application Security Trends &amp; Insights\",\"Blog\",\"Checkmarx One\",\"Checkmarx Product News, Use Cases &amp; Guides\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/checkmarx.com\/blog\/rsac-2026-marked-a-turning-point-for-appsec-the-reason-agentic-security\/\",\"url\":\"https:\/\/checkmarx.com\/blog\/rsac-2026-marked-a-turning-point-for-appsec-the-reason-agentic-security\/\",\"name\":\"RSAC 2026 Marked a Turning Point for AppSec. The Reason \u2013 Agentic Security\u00a0\",\"isPartOf\":{\"@id\":\"https:\/\/checkmarx.com\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/checkmarx.com\/blog\/rsac-2026-marked-a-turning-point-for-appsec-the-reason-agentic-security\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/checkmarx.com\/blog\/rsac-2026-marked-a-turning-point-for-appsec-the-reason-agentic-security\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/checkmarx.com\/wp-content\/uploads\/2026\/03\/Blog-Banner-1-1.webp\",\"datePublished\":\"2026-03-26T16:02:10+00:00\",\"dateModified\":\"2026-03-30T08:57:05+00:00\",\"description\":\"Agentic security took center stage at RSAC 2026. Explore the key themes that defined the event and what they mean for securing the AI development lifecycle\",\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/checkmarx.com\/blog\/rsac-2026-marked-a-turning-point-for-appsec-the-reason-agentic-security\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/checkmarx.com\/blog\/rsac-2026-marked-a-turning-point-for-appsec-the-reason-agentic-security\/#primaryimage\",\"url\":\"https:\/\/checkmarx.com\/wp-content\/uploads\/2026\/03\/Blog-Banner-1-1.webp\",\"contentUrl\":\"https:\/\/checkmarx.com\/wp-content\/uploads\/2026\/03\/Blog-Banner-1-1.webp\",\"width\":2560,\"height\":1280},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/checkmarx.com\/#website\",\"url\":\"https:\/\/checkmarx.com\/\",\"name\":\"Checkmarx\",\"description\":\"The world runs on code. We secure it.\",\"publisher\":{\"@id\":\"https:\/\/checkmarx.com\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/checkmarx.com\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/checkmarx.com\/#organization\",\"name\":\"Checkmarx\",\"url\":\"https:\/\/checkmarx.com\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/checkmarx.com\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/checkmarx.com\/wp-content\/uploads\/2024\/02\/logo-dark.svg\",\"contentUrl\":\"https:\/\/checkmarx.com\/wp-content\/uploads\/2024\/02\/logo-dark.svg\",\"width\":1,\"height\":1,\"caption\":\"Checkmarx\"},\"image\":{\"@id\":\"https:\/\/checkmarx.com\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/www.facebook.com\/Checkmarx.Source.Code.Analysis\",\"https:\/\/x.com\/checkmarx\",\"https:\/\/www.youtube.com\/user\/CheckmarxResearchLab\",\"https:\/\/www.linkedin.com\/company\/checkmarx\"]},{\"@type\":\"Person\",\"@id\":\"https:\/\/checkmarx.com\/#\/schema\/person\/0e5df47a6fb9c1bc0e0b31ef6cfd41fa\",\"name\":\"Eran Kinsbruner\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/checkmarx.com\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/checkmarx.com\/wp-content\/uploads\/2025\/05\/Eran-Kinsbruner-avatar-150x150.jpg\",\"contentUrl\":\"https:\/\/checkmarx.com\/wp-content\/uploads\/2025\/05\/Eran-Kinsbruner-avatar-150x150.jpg\",\"caption\":\"Eran Kinsbruner\"},\"description\":\"Enterprise Product Marketing Executive. Recognized thought leader, board advisor to stealth companies, researcher, inventor, and best-selling author of four books. Expertise in B2B SAAS, AI, observability, DevOps, and software quality.\",\"url\":\"https:\/\/checkmarx.com\/author\/erankinsbruner\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"RSAC 2026 Marked a Turning Point for AppSec. The Reason \u2013 Agentic Security\u00a0","description":"Agentic security took center stage at RSAC 2026. Explore the key themes that defined the event and what they mean for securing the AI development lifecycle","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/checkmarx.com\/blog\/rsac-2026-marked-a-turning-point-for-appsec-the-reason-agentic-security\/","og_locale":"en_US","og_type":"article","og_title":"RSAC 2026 Marked a Turning Point for AppSec. The Reason \u2013 Agentic Security\u00a0","og_description":"Agentic security took center stage at RSAC 2026. Explore the key themes that defined the event and what they mean for securing the AI development lifecycle","og_url":"https:\/\/checkmarx.com\/blog\/rsac-2026-marked-a-turning-point-for-appsec-the-reason-agentic-security\/","og_site_name":"Checkmarx","article_publisher":"https:\/\/www.facebook.com\/Checkmarx.Source.Code.Analysis","article_published_time":"2026-03-26T16:02:10+00:00","article_modified_time":"2026-03-30T08:57:05+00:00","og_image":[{"width":2560,"height":1280,"url":"https:\/\/checkmarx.com\/wp-content\/uploads\/2026\/03\/Blog-Banner-1-1.webp","type":"image\/webp"}],"author":"Eran Kinsbruner","twitter_card":"summary_large_image","twitter_creator":"@checkmarx","twitter_site":"@checkmarx","twitter_misc":{"Written by":"Eran Kinsbruner","Est. reading time":"5 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/checkmarx.com\/blog\/rsac-2026-marked-a-turning-point-for-appsec-the-reason-agentic-security\/#article","isPartOf":{"@id":"https:\/\/checkmarx.com\/blog\/rsac-2026-marked-a-turning-point-for-appsec-the-reason-agentic-security\/"},"author":{"name":"Eran Kinsbruner","@id":"https:\/\/checkmarx.com\/#\/schema\/person\/0e5df47a6fb9c1bc0e0b31ef6cfd41fa"},"headline":"RSAC 2026 Marked a Turning Point for AppSec. The Reason \u2013 Agentic Security\u00a0","datePublished":"2026-03-26T16:02:10+00:00","dateModified":"2026-03-30T08:57:05+00:00","mainEntityOfPage":{"@id":"https:\/\/checkmarx.com\/blog\/rsac-2026-marked-a-turning-point-for-appsec-the-reason-agentic-security\/"},"wordCount":1088,"publisher":{"@id":"https:\/\/checkmarx.com\/#organization"},"image":{"@id":"https:\/\/checkmarx.com\/blog\/rsac-2026-marked-a-turning-point-for-appsec-the-reason-agentic-security\/#primaryimage"},"thumbnailUrl":"https:\/\/checkmarx.com\/wp-content\/uploads\/2026\/03\/Blog-Banner-1-1.webp","keywords":["ADLC","Agentic AI","Agentic AppSec","conferences","RSAC","RSAC 2026"],"articleSection":["AI &amp; LLM Tools in Application Security","Application Security Trends &amp; Insights","Blog","Checkmarx One","Checkmarx Product News, Use Cases &amp; Guides"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/checkmarx.com\/blog\/rsac-2026-marked-a-turning-point-for-appsec-the-reason-agentic-security\/","url":"https:\/\/checkmarx.com\/blog\/rsac-2026-marked-a-turning-point-for-appsec-the-reason-agentic-security\/","name":"RSAC 2026 Marked a Turning Point for AppSec. The Reason \u2013 Agentic Security\u00a0","isPartOf":{"@id":"https:\/\/checkmarx.com\/#website"},"primaryImageOfPage":{"@id":"https:\/\/checkmarx.com\/blog\/rsac-2026-marked-a-turning-point-for-appsec-the-reason-agentic-security\/#primaryimage"},"image":{"@id":"https:\/\/checkmarx.com\/blog\/rsac-2026-marked-a-turning-point-for-appsec-the-reason-agentic-security\/#primaryimage"},"thumbnailUrl":"https:\/\/checkmarx.com\/wp-content\/uploads\/2026\/03\/Blog-Banner-1-1.webp","datePublished":"2026-03-26T16:02:10+00:00","dateModified":"2026-03-30T08:57:05+00:00","description":"Agentic security took center stage at RSAC 2026. Explore the key themes that defined the event and what they mean for securing the AI development lifecycle","inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/checkmarx.com\/blog\/rsac-2026-marked-a-turning-point-for-appsec-the-reason-agentic-security\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/checkmarx.com\/blog\/rsac-2026-marked-a-turning-point-for-appsec-the-reason-agentic-security\/#primaryimage","url":"https:\/\/checkmarx.com\/wp-content\/uploads\/2026\/03\/Blog-Banner-1-1.webp","contentUrl":"https:\/\/checkmarx.com\/wp-content\/uploads\/2026\/03\/Blog-Banner-1-1.webp","width":2560,"height":1280},{"@type":"WebSite","@id":"https:\/\/checkmarx.com\/#website","url":"https:\/\/checkmarx.com\/","name":"Checkmarx","description":"The world runs on code. We secure it.","publisher":{"@id":"https:\/\/checkmarx.com\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/checkmarx.com\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/checkmarx.com\/#organization","name":"Checkmarx","url":"https:\/\/checkmarx.com\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/checkmarx.com\/#\/schema\/logo\/image\/","url":"https:\/\/checkmarx.com\/wp-content\/uploads\/2024\/02\/logo-dark.svg","contentUrl":"https:\/\/checkmarx.com\/wp-content\/uploads\/2024\/02\/logo-dark.svg","width":1,"height":1,"caption":"Checkmarx"},"image":{"@id":"https:\/\/checkmarx.com\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/Checkmarx.Source.Code.Analysis","https:\/\/x.com\/checkmarx","https:\/\/www.youtube.com\/user\/CheckmarxResearchLab","https:\/\/www.linkedin.com\/company\/checkmarx"]},{"@type":"Person","@id":"https:\/\/checkmarx.com\/#\/schema\/person\/0e5df47a6fb9c1bc0e0b31ef6cfd41fa","name":"Eran Kinsbruner","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/checkmarx.com\/#\/schema\/person\/image\/","url":"https:\/\/checkmarx.com\/wp-content\/uploads\/2025\/05\/Eran-Kinsbruner-avatar-150x150.jpg","contentUrl":"https:\/\/checkmarx.com\/wp-content\/uploads\/2025\/05\/Eran-Kinsbruner-avatar-150x150.jpg","caption":"Eran Kinsbruner"},"description":"Enterprise Product Marketing Executive. Recognized thought leader, board advisor to stealth companies, researcher, inventor, and best-selling author of four books. Expertise in B2B SAAS, AI, observability, DevOps, and software quality.","url":"https:\/\/checkmarx.com\/author\/erankinsbruner\/"}]}},"_links":{"self":[{"href":"https:\/\/checkmarx.com\/wp-json\/wp\/v2\/posts\/107906","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/checkmarx.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/checkmarx.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/checkmarx.com\/wp-json\/wp\/v2\/users\/143"}],"replies":[{"embeddable":true,"href":"https:\/\/checkmarx.com\/wp-json\/wp\/v2\/comments?post=107906"}],"version-history":[{"count":0,"href":"https:\/\/checkmarx.com\/wp-json\/wp\/v2\/posts\/107906\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/checkmarx.com\/wp-json\/wp\/v2\/media\/107921"}],"wp:attachment":[{"href":"https:\/\/checkmarx.com\/wp-json\/wp\/v2\/media?parent=107906"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/checkmarx.com\/wp-json\/wp\/v2\/categories?post=107906"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/checkmarx.com\/wp-json\/wp\/v2\/tags?post=107906"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}