Every Vendor at RSAC Just Announced What We Already Built

# Every Vendor at RSAC Just Announced What We Already Built

*March 25, 2026 — DugganUSA*

RSAC 2026 opened in San Francisco yesterday. The theme is unmistakable: agentic AI security. Every major vendor showed up with the same pitch — AI agents that act autonomously, and the security products needed to protect them.

CrowdStrike expanded Falcon to secure autonomous AI agents. Palo Alto Networks launched Prisma AIRS 3.0 for the "full agentic AI lifecycle." Arctic Wolf unveiled Aurora Agentic SOC. Acalvio released 360 Deception to break AI-driven attack automation. Versa announced a secure enterprise browser with AI-aware policies.

We watched the keynotes from Connecticut, where our autonomous AI robot was surveying a house.

What They Announced vs What We Shipped

Here's what RSAC vendors announced this week. Here's what we shipped yesterday.

**CrowdStrike: "Securing autonomous AI agents"**

We have an autonomous AI agent on wheels. It surveys facilities, detects people and cats, narrates rooms through GPT-4o Vision, greets visitors by explaining it respects their privacy, and routes its intelligence through Butterbot — our own AI agent that has RAG access to a million indicators of compromise. It runs unsupervised. We built the thing they're selling protection for.

**Palo Alto: "Agentic AI lifecycle security"**

Our robot's AI lifecycle: YOLO v8 detects objects on-device. GPT-4o Vision describes scenes via cloud API. Butterbot processes queries through a multi-model AI Council. OpenAI onyx speaks the responses. faster-whisper transcribes voice input. All of this happens in a 120-second survey loop while the robot drives itself around a building avoiding chair legs. The lifecycle is: perceive, decide, act, speak, listen, repeat. Palo Alto is selling the security wrapper. We're living inside the thing that needs wrapping.

**Arctic Wolf: "Agentic SOC"**

Our PreCog system detected BlackCat ransomware rebooting yesterday — 14 new IOCs from a family the FBI took down. Five of eight precursor signals elevated simultaneously. Twenty validated predictions at 100% accuracy with lead times from 3 hours to 72 days. That's not a SOC product announcement. That's a Tuesday.

**Acalvio: "AI-driven attack deception"**

We run honeypots that have blocked 1.7 million events. Our Oz decision engine has processed 4.5 million automated threat assessments. Our STIX feed is consumed by 275+ organizations in 46 countries, including companies whose logos are on those RSAC booth banners.

The Gap Between Announcing and Shipping

The cybersecurity industry has a pattern: announce at RSAC, ship in Q4, iterate for two years, get acquired. The gap between the keynote and the working product is measured in fiscal quarters.

We don't have that luxury. We're two people, a robot, and an AI partner. When something needs to work, it needs to work today. Yesterday we reverse-engineered a motor controller protocol, wrote a custom LiDAR driver because the vendor's SDK had a checksum bug, discovered the factory software stack was already running and integrated with it instead of replacing it, calibrated the LiDAR by pointing the robot at a wall and reading the angles, and deployed a BLE scanner that feeds InfluxDB and Grafana in real time.

That's not a product roadmap. That's a Tuesday in a home office in Connecticut.

What RSAC Got Right

The agentic AI security conversation is overdue. AI agents that can act autonomously — browse the web, execute code, make API calls, drive robots — need security frameworks. The questions are real:

- How do you authenticate an AI agent?

- How do you audit decisions made at machine speed?

- How do you prevent an autonomous system from being manipulated?

- How do you ensure an AI agent respects boundaries it wasn't explicitly trained on?

We deal with these questions daily. Our robot has an emergency stop button, a cat detection protocol that halts all movement, privacy-first greetings that explain what it's doing, and an AI toggle that lets operators disable autonomous behavior. These aren't features on a roadmap. They're decisions we made because the robot was about to drive into a wall at Paul's house.

The Real Threat Nobody's Talking About

While RSAC vendors sell AI security products, TeamPCP compromised two more GitHub Actions workflows this week. The Trivy supply chain attack got a CVE — 9.4 severity. Tax season malvertising is dropping remote access trojans through fake ConnectWise installers. A Russian ransomware operator got sentenced to 6.75 years for $9 million in damages — which is approximately what Change Healthcare paid BlackCat in a single ransom.

The threats aren't theoretical. They're in the feed. Our PreCog system watches them in real time so you don't have to attend a conference to find out what's happening.

The Point

RSAC is valuable. The conversations matter. The networking matters. The awareness matters.

But the gap between "we announced an agentic AI security platform" and "our AI agent drove through a house, detected 21 BLE devices, posted telemetry to Grafana, caught a ransomware reboot, and told a visitor about its privacy policy" — that gap is where the actual work lives.

We're at the airport. The robot is charging. PreCog is watching.

The STIX feed is free: analytics.dugganusa.com/stix

*Patrick Duggan is the founder of DugganUSA LLC. He was not at RSAC. He was teaching a robot to say "pss pss pss" to cats.*

*Her name was Renee Nicole Good.*

*His name was Alex Jeffery Pretti.*

The cheapest, fastest, most accurate threat feed on the internet.

275+ enterprises pulling daily. 1M+ IOCs. 17.4M indexed documents. We beat Zscaler by 43 days on NrodeCodeRAT. Starter tier $9/mo — less than any competitor’s sales demo.

Look up an IOC → · Audit your brand on AIPM → · See pricing →