SAN FRANCISCO – AI is often called a double-edged sword, and this dual nature was reflected by Tuesday afternoon’s keynotes at RSAC 2026, which covered the agentic security operations center (SOC) and five of today’s most dangerous attacks — all involving AI.
The first of the late afternoon keynotes was presented by John Morgan, senior vice president and general manager of Splunk Security, a Cisco company, and Fred Frey, Splunk’s director of software engineering.
Morgan began the talk on “Lessons From the Agentic Frontier: how the SOC is Winning in the AI Era” with a stark warning: “Agents are our biggest insider threat.”
However, he justified AI’s risky and non-deterministic nature by comparing it to other innovations and necessities we accept in our daily lives — for example, oxygen, which sustains life but fuels fires, and the invention of penicillin, which arose not from a structured experiment but from the accidental contamination of a petri dish.
“Essential things in life are most often also threats, and AI is also entering that realm,” Morgan said.
In order to harness AI innovation safely, Morgan noted the need for agentic trust and governance, starting with identity as a control plane, zero trust access, high visibility, output validation, data integrity and compliance with regulations such as GDPR.
Frey further outlined how AI agents can upgrade the SOC and transform an overwhelmed junior analyst into an empowered orchestrator.
“What used to take hours now takes seconds,” said Frey, detailing how multiple specialized agents can work together triage an alert, hunt for a threat and respond with expertise built up through the agents’ history and organizational knowledge.
Frey concluded with three key ideas for making AI agents work for a SOC in a way that both maximizes their potential and mitigates their risk.
First, Frey emphasizes the importance of customized agents that inherit your organization’s “tribal knowledge,” saying “agents out of the box is not what we need.”
Secondly, he said “agents need to earn our trust” with humans in the loop before they can be made fully autonomous, although he added: “We need to quickly move and graduate towards humans out of the loop because we just don’t scale.”
Lastly, Frey said defenders need to leverage agents to meet the scale at which attackers are also using AI, which is expanding “exponentially.”
“The new battleground is AI,” Frey said.
AI drives all of cybersecurity’s top 5 most dangerous threats
The panel discussion “The Five Most Dangerous New Attack Techniques: Crucial Tips for Defenders,” hosted by SANS Technology Institute President Ed Skoudis, further explored the AI battleground “straight from the frontlines.”
The first danger, presented by Counter Hack Innovations Senior Technical Director and SANS Faculty Fellow Joshua Wright, is the use of AI to generate zero-day exploits. Wright said the “industrialization” of zero-day exploits through the use of AI shatters assumptions that such attacks are few and far between.
Defenders will need to prepare for “a wave of zero-day exploits every week designed by AI” by accelerating their patch management programs to a degree that may only be achievable through more AI.
The second top threat, also presented by Wright, is supply chain attacks — the risks that come not from the software an organization chooses, but from their “vendor’s vendor’s vendor.”
Wright noted from his own analysis of 7-Zip that the seemingly simple program has more than 300 unique dependencies, demonstrating the scale of the potential attack surface that can arise from third and fourth parties.
AI inevitably plays a role in this threat as well, with Wright predicting that AI exploits and supply chain compromise will combine to create a perfect storm for mass exploitation. To respond to this threat, defenders should “plan for supplier compromise,” require software attestations from vendors and seek to minimize the blast radius of a potential supply chain attack.
The third threat, as outlined by Dragos CEO and Founder Robert M. Lee, is the breakdown of root cause analysis for industrial systems, which Lee said is further compounded by the added complexity of AI components.
Lee, a SANS Fellow, said it is becoming harder to answer the question “Was it a cyberattack or just a mishap?” in the aftermath of critical operational technology (OT) failures. This is partly due to the increasing homogeneity of systems, leading to a scenario where “no one is the expert” and attacks are easier for threat actors to scale.
AI adds another layer of complication to this difficult equation, said Lee, who warned that rapid AI adoption can create new blind spots and lead to unpredictable new interactions. Combating this issue will require greater AI governance, the use of OT-native visibility and monitoring capabilities and a clear plan for failure scenarios, driven by threat intelligence.
The fourth threat was presented by Cellebrite Senior Forensic Expert and SANS Institute Head of Faculty Heather Barnhart, who warned that overreliance on AI in digital forensics can be disastrous.
“Who is going to protect you when AI makes a mistake?” Barnhart asked, arguing that humans decision-making and expertise is still crucial in digital forensics, as “AI can’t find what it doesn’t know exists.”
However, Barnhart said practitioners shouldn’t be afraid to use AI as a tool in appropriate contexts, presenting a soon-to-be-released framework for responsible AI collaboration.
The fifth and final presentation, by SANS Chief AI Officer and Chief of Research Rob T. Lee, focused on the speed and scale that attackers can achieve with AI and emphasized that “we need AI to fight against AI.”
Lee said AI-driven attack workflows can be executed at 47 times the speed of a human operator, shortening attack times from days and hours to just minutes. However, defenders have the opportunity to harness the same speed, said Lee, who demonstrated a report generated by Claude Code after he simply told it to “find evil” in an environment.
Lee said the model completed in 14 minutes and 27 seconds “what analysts normally take three days to figure out.”
And the biggest advantage defenders have over attackers, Lee said, is: “There’s a lot more of us.”
Lee concluded his presentation by announcing an upcoming AI-themed hackathon, calling upon cybersecurity practitioners to face the AI threat together with collaborative AI innovation.
Skouda acknowledged the extent to which AI dominated the panel’s conversation.
“If we were to present to you some sort of trend or attack threat and not mention the AI component, we’d be lying to you, because AI is infused into all the different attack scenarios that we are seeing and handling today,” Skouda concluded.
Facts Only
Event: RSAC 2026, San Francisco
Speakers: John Morgan (SVP, Splunk Security), Fred Frey (Director of Software Engineering, Splunk)
Topic: Agentic security operations center (SOC), AI risks and governance
Panel Discussion Participants: Joshua Wright (Senior Technical Director, Counter Hack Innovations, SANS Faculty Fellow), Robert M. Lee (CEO and Founder, Dragos, SANS Fellow), Heather Barnhart (Senior Forensic Expert, Cellebrite, Head of Faculty, SANS Institute), Rob T. Lee (Chief AI Officer, Chief of Research, SANS)
Threats Discussed: Zero-day exploits, supply chain attacks, breakdown in root cause analysis for industrial systems, overreliance on AI in digital forensics, speed and scale of AI-driven attacks
Executive Summary
At the RSAC 2026 conference in San Francisco, speakers discussed the impact and risks of Artificial Intelligence (AI) on cybersecurity. The event featured a keynote by John Morgan and Fred Frey from Splunk Security, focusing on leveraging AI to enhance the agentic security operations center (SOC). They emphasized the need for trust and governance in AI agents, with a focus on customization, human oversight, and compliance with regulations.
The panel discussion "The Five Most Dangerous New Attack Techniques: Crucial Tips for Defenders" explored how AI is increasingly being used by cyber attackers. The threats discussed included the industrialization of zero-day exploits, supply chain attacks, breakdowns in root cause analysis for industrial systems, overreliance on AI in digital forensics, and the speed and scale of AI-driven attacks.
Full Take
The discussion at RSAC 2026 highlights the growing importance of AI in both cybersecurity defenses and attacks. The keynote by Morgan and Frey underscores the potential benefits of AI for security operations but emphasizes the need for trust, governance, and compliance to mitigate risks.
The panel discussion on dangerous new attack techniques demonstrates the increasing use of AI by cybercriminals, posing challenges such as rapid industrialization of zero-day exploits, supply chain compromises, complexities in root cause analysis, and overreliance on AI in digital forensics. The speed and scale of AI-driven attacks also pose a significant threat.
The discussion encourages defenders to embrace AI to combat these threats but emphasizes the importance of human oversight, customization, and the need to anticipate potential blind spots and unpredictable interactions. It further underscores the importance of understanding the paradigms that drive these narratives and their implications for human agency and dignity.
Sentinel — Human
This text is likely human-written. It exhibits variation in sentence length, a balance of passion and fluency, and does not follow a template pattern.
