Zero trust for AI agents was a prominent, converging theme at RSAC 2026: keynotes from Microsoft, Cisco, CrowdStrike, and Splunk all highlighted the importance of extending zero trust principles to AI. Cisco’s Jeetu Patel called for a shift from access control to action control, likening agents to “teenagers, supremely intelligent, but with no fear of consequence.” CrowdStrike’s George Kurtz pointed out the critical gap in AI governance within enterprise technology, while Splunk’s John Morgan advocated for an agentic trust and governance model.
According to PwC’s 2025 AI Agent Survey, 79% of organizations already use AI agents, but only 14.4% reported full security approval for their agent fleet. The Gravitee State of AI Agent Security 2026 report revealed that 919 organizations struggle with AI governance, with only 26% having established AI governance policies. The Cloud Security Alliance (CSA) highlighted this gap as a governance emergency, calling for urgent action to address the disconnect between deployment velocity and security readiness.
At RSAC, cybersecurity leaders and industry executives acknowledged the pressing issue and proposed solutions through innovative architectures. Two notable companies, Anthropic and Nvidia, introduced zero-trust agent architectures that tackle the monolithic agent problem in distinct ways, shedding light on where the real risks lie.
Anthropic’s Managed Agents, launched in public beta, revolutionize the agent structure by separating the brain, hands, and session components, eliminating the need for credentials within the sandbox. This design not only enhances security but also improves performance, making it the fastest and most secure option for organizations looking to bolster their defenses against agent compromises.
On the other hand, Nvidia’s NemoClaw takes a different approach by enveloping the entire agent within multiple security layers, closely monitoring every action to ensure compliance with policies. While this architecture provides robust security measures, it comes with the trade-off of increased operator staffing costs due to the high level of observability required.
The credential proximity gap between these two architectures is a crucial consideration for security teams evaluating their options. Anthropic’s design removes credentials from the blast radius entirely, preventing single-hop exfiltration attacks, while Nvidia’s architecture constrains the blast radius and closely monitors all actions within the sandbox.
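
The credential proximity gap can be made concrete with a small model. The following is an added illustration, not Anthropic's or Nvidia's implementation: the `Broker` class, the tool and action names, and the environment variable names are all constructed for this example. It contrasts a sandbox that holds a credential with one that holds only an opaque session handle, while a broker outside the sandbox checks each action against policy and injects the credential at call time.

```python
# Added illustration with constructed names; not vendor code.
import secrets

class Broker:
    """Runs outside the sandbox: holds credentials and enforces action policy."""
    def __init__(self, credentials, policy):
        self._credentials = credentials   # tool -> secret; never leaves the broker
        self._policy = policy             # session name -> set of (tool, action)
        self._sessions = {}               # opaque handle -> session name
        self.audit = []                   # every decision is recorded

    def open_session(self, name):
        handle = secrets.token_hex(16)    # opaque; grants nothing outside this broker
        self._sessions[handle] = name
        return handle

    def revoke(self, handle):
        self._sessions.pop(handle, None)

    def act(self, handle, tool, action, args):
        session = self._sessions.get(handle)
        allowed = session is not None and (tool, action) in self._policy.get(session, set())
        self.audit.append((session, tool, action, "allow" if allowed else "deny"))
        if not allowed:
            return {"ok": False, "error": "denied by policy"}
        token = self._credentials[tool]   # injected here, at call time
        return {"ok": True, "result": call_tool(tool, action, args, token)}

def call_tool(tool, action, args, token):
    # Stand-in for the real API call; the response never echoes the token.
    assert token
    return f"{tool}.{action}({args}) done"

def sandbox_state_monolithic(token):
    # Monolithic agent: the credential sits in the sandbox environment.
    return {"env": {"REPO_TOKEN": token}, "scratch": "untrusted tool output"}

def sandbox_state_brokered(handle):
    # Separated design: the sandbox holds only the opaque session handle.
    return {"env": {"SESSION_HANDLE": handle}, "scratch": "untrusted tool output"}

def leaked(state, secret):
    """True if a full dump of sandbox state would expose the secret."""
    return secret in repr(state)
```

In the brokered case a stolen handle is still usable until revoked, but only for the actions the policy allows, and every attempt lands in the audit log.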
In conclusion, the shift towards zero trust architectures for AI agents marks a critical step in enhancing security and mitigating risks in enterprise technology. As organizations navigate the complexities of AI governance and security, investing in innovative solutions like Managed Agents and NemoClaw can help bridge the gap between deployment velocity and security readiness, safeguarding against potential breaches in the evolving threat landscape.
