
RSAC 2026 Keynotes Uncover Zero Trust Challenges in AI Security
At the recent RSAC 2026 event, keynotes from Microsoft, Cisco, CrowdStrike, and Splunk all highlighted the importance of implementing zero trust in AI security. Each company emphasized the need for continuous verification and scrutiny of AI agents to prevent potential risks. With 79% of organizations already using AI agents, security approval and governance remain major concerns, as revealed by recent surveys and reports.
While the industry agrees on the pressing issue, two companies, Anthropic and Nvidia, have introduced unique zero-trust agent architectures to address the challenge. Anthropic’s Managed Agents focus on separating the brain, hands, and session components to enhance security and performance, while Nvidia’s NemoClaw implements strict security layers and monitoring to ensure comprehensive visibility.
The Evolution of Zero-Trust Agent Architectures
Anthropic’s approach eliminates credentials from the blast radius, ensuring that even if a sandbox is compromised, the attacker gains nothing of value. On the other hand, NemoClaw confines the blast radius and closely monitors agent actions within the sandbox, providing strong runtime visibility. The proximity of credentials to the execution environment distinguishes the two architectures, highlighting the trade-offs between security and performance.
Security teams are advised to audit their deployed agents for monolithic patterns, prioritize credential isolation in deployment processes, test session recovery capabilities, allocate resources for observability models, and track vendor roadmaps for addressing indirect prompt injection risks. By addressing these key priorities, organizations can enhance the security of their AI agents and mitigate potential breaches.
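The credential-isolation idea in the two paragraphs above (a compromised sandbox yields nothing of value because the secret never enters it, while every action the agent takes is still visible to the operator) can be shown with a small broker pattern. The following is an added example written for this page; it is not code from Anthropic, Nvidia, or any of the vendors named here, and it makes no claim about how Managed Agents or NemoClaw are actually built. All names, the policy table, the upstream secret and the signing key are constructed placeholders. The agent process holds only a short-lived, scoped capability token; the broker outside the sandbox owns the secret, checks each request against the token's scope and an allow-list, performs the call, and writes an audit record for every decision, which is the observability the advice in the paragraph above asks for.

```python
"""Credential-broker pattern for a sandboxed AI agent (constructed illustration)."""
import hashlib
import hmac
import json
from dataclasses import dataclass, field
from typing import Callable, Optional

# Constructed values for the illustration. A real deployment would load the
# upstream secret from a vault and the signing key from a KMS or HSM.
UPSTREAM_SECRET = "hypothetical-upstream-api-key"
SIGNING_KEY = b"constructed-token-signing-key"

# Hypothetical policy: actions the broker will perform, and on which targets.
ALLOWED_ACTIONS = {
    "read_ticket": {"ticket-42", "ticket-43"},
    "send_email": {"it-helpdesk@example.invalid"},
}


@dataclass
class Broker:
    """Runs outside the sandbox. Only the broker ever touches the upstream secret."""
    secret: str
    signing_key: bytes
    policy: dict
    audit_log: list = field(default_factory=list)

    def mint_token(self, agent_id: str, actions: list, now: int, ttl: int) -> str:
        """Issue a scoped, expiring capability token (HMAC-signed JSON)."""
        payload = {"agent": agent_id, "actions": sorted(actions), "exp": now + ttl}
        body = json.dumps(payload, sort_keys=True).encode()
        tag = hmac.new(self.signing_key, body, hashlib.sha256).hexdigest()
        return body.hex() + "." + tag

    def _verify(self, token: str, now: int) -> Optional[dict]:
        """Return the token payload if the signature is valid and it has not expired."""
        try:
            body_hex, tag = token.split(".", 1)
            body = bytes.fromhex(body_hex)
        except ValueError:
            return None
        expected = hmac.new(self.signing_key, body, hashlib.sha256).hexdigest()
        if not hmac.compare_digest(expected, tag):
            return None
        payload = json.loads(body)
        if payload["exp"] <= now:
            return None
        return payload

    def request(self, token: str, action: str, target: str, now: int) -> dict:
        """Mediate one agent action: verify, authorize, audit, then execute."""
        payload = self._verify(token, now)
        if payload is None:
            reason = "invalid or expired token"
        elif action not in payload["actions"]:
            reason = "action not in token scope"
        elif target not in self.policy.get(action, set()):
            reason = "target not allowed by policy"
        else:
            reason = None
        # Every request, allowed or denied, leaves an audit record.
        self.audit_log.append({
            "agent": payload["agent"] if payload else None,
            "action": action, "target": target, "ts": now,
            "decision": "allow" if reason is None else "deny",
            "reason": reason,
        })
        if reason is not None:
            return {"ok": False, "reason": reason}
        return {"ok": True, "result": self._call_upstream(action, target)}

    def _call_upstream(self, action: str, target: str) -> str:
        # Stand-in for the real authenticated call. This is the only place the
        # secret is used, and it is never returned to the sandbox.
        assert self.secret, "broker must hold the upstream credential"
        return f"{action} on {target}: done"


@dataclass
class SandboxedAgent:
    """Runs inside the sandbox. Holds a scoped token and a channel, never the secret."""
    agent_id: str
    token: str
    channel: Callable[[str, str, str, int], dict]  # stands in for an RPC boundary

    def act(self, action: str, target: str, now: int) -> dict:
        return self.channel(self.token, action, target, now)

    def state_dump(self) -> str:
        """Everything an attacker who fully compromises the sandbox could read."""
        return json.dumps({"agent_id": self.agent_id, "token": self.token})


if __name__ == "__main__":
    broker = Broker(UPSTREAM_SECRET, SIGNING_KEY, ALLOWED_ACTIONS)
    token = broker.mint_token("agent-1", ["read_ticket"], now=1000, ttl=300)
    agent = SandboxedAgent("agent-1", token, broker.request)
    print(agent.act("read_ticket", "ticket-42", now=1100))
    print(agent.act("send_email", "it-helpdesk@example.invalid", now=1100))
    print("secret in sandbox state:", UPSTREAM_SECRET in agent.state_dump())
    print(json.dumps(broker.audit_log, indent=1))
```

In-process, the `channel` callable is a bound method of the broker, which an attacker with arbitrary code execution could follow back to the secret; the pattern only holds when that channel is a real process or network boundary (a local socket, gRPC, or similar) and the broker runs with its own identity. The audit log is what a detection team would forward to a SIEM: a denied `send_email` from an agent that was only scoped for `read_ticket` is exactly the signal an indirect prompt injection attempt leaves behind.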
As the industry shifts towards zero-trust architectures for AI security, the focus on continuous verification and governance becomes crucial in safeguarding enterprises against evolving threats. Implementing robust security measures in AI deployments is essential to protect sensitive data and maintain operational resilience.