Account Executive

Resecurity introduces native integration with Splunk. * 3 hrs ago Resecurity (USA), a global cybersecurity and threat intelligence company trusted by Fortune 100 enterprises and government agencies, announced the implementation of a native integration with Splunk, delivered through a dedicated app published on Splunkbase. Resecurity introduces native integration with Splunk (SIEM). This seamless integration enables organizations of any size to connect Resecurity's cyber threat intelligence (CTI) with the Splunk global ecosystem, facilitating the timely ingestion of indicators of compromise (IOCs) and indicators of attack (IOA), along with ongoing enrichment of security events and logs within existing monitoring and investigation workflows. Through the Splunk app, cybersecurity teams can ingest threat intelligence feeds from Resecurity into Security Information and Event Management (SIEM) and Security Operations Center (SOC), using industry-standard mechanisms such as the TAXII protocol. This enables organizations to incorporate actionable intelligence from Resecurity and correlate it with internal telemetry. Once ingested, indexed threat intelligence data can be used to enrich logs and accelerate visibility by providing additional context for analysis, alerting, and investigation. The app is available via Splunkbase and can be deployed within Splunk Enterprise environments, allowing organizations to configure unparalleled ingestion and data analysis based on their operational requirements: Resecurity Threat Intelligence Resecurity continues to expand its integration ecosystem by supporting interoperability with widely adopted platforms and applications, enabling organizations to make effective use of threat intelligence in daily operations. About Resecurity Resecurity(R) is a cybersecurity company that delivers a unified endpoint protection, fraud prevention, risk management and cyber-threat intelligence platform. Known for providing best-of-breed, data-driven intelligence solutions, Resecurity's services and platforms focus on early-warning identification of data breaches and comprehensive protection against cybersecurity risks. Founded in 2016, it has been globally recognized as one of the world's most innovative cybersecurity companies with the mission of enabling organizations to combat cyber threats regardless of their sophistication. Most recently, by Inc. Magazine, Resecurity was named one of the Top 10 fastest-growing private cybersecurity companies in Los Angeles, California. Resecurity is a member of InfraGard National Members Alliance (INMA), AFCEA, NDIA, SIA, FS-ISAC and several American Chambers of Commerce worldwide. To learn more, visit https://resecurity.com.

Cisco at RSAC: building trust into agentic AI. Agentic AI raises security questions, but agents can also be powerful allies. At RSAC, Cisco and Splunk show the way towards a trusted agentic future. Key takeaways. Summary is AI-generated, editor-reviewed. * Agentic AI's rapid evolution demands trust-building to harness its potential and mitigate security risks. * Cisco's solutions, like DefenseClaw and Zero Trust Access, aim to secure agentic environments. * Agentic SOCs empower security teams to predict and respond to threats at machine speed. "We're living in one of the most exciting and simultaneously the most disorienting times in human history," said Cisco's Jeetu Patel at RSAC 2026 in San Franciso this week. Given the lightning-fast changes driven by agentic AI, he wasn't exaggerating. Building trust into agentic AI is critical to lessening that disorientation - and unleashing the vast promise of AI. "The ability to delegate a task in a trusted form, versus just delegating a task, not being trusted, is going to be the difference between being a market leader versus being bankrupt," said Patel, who is Cisco's president and chief product officer. Cisco is taking on the challenge of ensuring that they are secure and trusted, especially as Linkom-PC approach a time when organizations will deploy thousands of agents, all acting independently. At RSA, the company announced essential solutions like extended Zero Trust Access for agents; DefenseClaw, an open-source secure agent framework; and AI Defense: Explorer Edition, which democratizes AI safety and security for builders. New innovations from Splunk, a Cisco company, include Exposure Analytics, Detection Studio, Federated Search, and agentic security operations center (SOC) expansions. Because as Patel stressed, "We need to fundamentally reimagine security for the agentic workforce." From a Cisco perspective that centers on three key strategies: protecting agents from the world; protecting the world from agents; and responding to threats at machine speed and scale. DefenseClaw: protecting agents from the world. To protect agents from being compromised, Cisco has implemented a variety of solutions - many open sourced. And since OpenClaw has made it easier and faster to develop and deploy agentic solutions, additional security is ever more imperative. "We've had a multitude of these tools," Patel said of open-source offerings from Cisco available free in AI Defense Explorer Edition. "Because what's really important is making sure that we work together as a community and provide tools and knowledge to each other. And so, we have this open-source community where all of these different tools - from a Skill Scanner to an AI Bill of Materials, to an MCP Scanner - all of these tools are available on GitHub." More on AI Defense: Explorer Edition from DJ Sampath, SVP and General Manager, Cisco AI Software and Platform Any of these will be activated by a new solution, DefenseClaw, a security framework for OpenClaw deployments. "If you're using OpenClaw and you want to make sure that you're safe and secure, DefenseClaw will help you do that," Patel added. "This also is completely open sourced." DefenseClaw is also designed to work with OpenShell, NVIDIA's container for OpenClaw deployments. "Every single time an agent executes with an OpenShell," Patel continued, "you're going to automatically activate these open-source services so that it can scan the skills and make sure that it's checking for vulnerabilities and scan the MCP servers... because we have to make sure that these agents are delegated work in a trusted manner." DJ Sampath, Cisco's SVP and general manager for AI software and platform, stressed that these solutions cover the full life cycle of AI projects, from pilot to production. "AI Defense Explorer Edition allows you to try all these fun things," he said. "And then when you upgrade that to the enterprise version of AI Defense, you seamlessly connect into Cisco Secure Access, into how you are pushing out these guardrails, how you do MCP scanning, all of that. That is the entire continuum of the lifecycle of understanding what AI attacks exist." Protecting the world from rogue agents: Zero Trust. In a seminar titled From Chatbots to Change Agents: Securing Agentic AI, Cisco's Matt Caulfield, VP of product management for identity, and Kevin Kennedy VP of product and solutions for security, laid out some of the key challenges - and solutions - around identity and access in vastly complicated agentic AI environments. One in which thousands of agents roam freely through internal data and SAAS applications - all with the agency to act independently. "When it comes to giving tools to agentic AI," Caulfield warned, "we are now opening up our organizations to a whole new level of security risk." So how do organizations protect against their own agents being compromised or from outside agents set loose by bad actors? Caulfield summed up three key steps. "Knowing your risk is first," he said. "If you don't have an agent-discovery tool, if you're not looking for agents in your environment, that's step number one. Second step is then controlling that access. So having a consistent place to do enforcement, investing in an AI gateway that can sit in between the agents and the resources, and supplying it with policy about what those agents are allowed to do and a life cycle for what they should do, and then prioritizing which tools you want to onboard. And then third, and most importantly, is agent governance and life cycle." Or as Kennedy summarized, "The key is know your agents, authorize every action, what they are allowed to do, what they are not allowed to do, and then adapt to risk because even actions that are allowed by policy are not necessarily safe." From a customer perspective, Jeremy Nelson, Insight's CISO for North America, weighed in on the importance of securing access, not just for humans, but for agents - along with his excitement around Cisco's extended Zero Trust solution. "Organizations are eager to embrace AI," he said, "but they need to do so without creating security coverage gaps. Cisco's Zero Trust Access for AI Agents gives visibility into agentic identities and restricts access to exactly what's needed. We're excited to bring these capabilities to customers to secure their data while scaling their AI initiatives." Peter Bailey, SVP and GM, Cisco Security business on the value of Cisco Zero Trust Securing the SOC at machine speed and scale. Of course, agents don't sleep and work faster and on a vastly larger scale than humans. So, when they fall into the wrong (human) hands they can be a formidable threat. The answer is defensive measures that never sleep, operate at massive scale, and act independently. John Morgan, SVP and general manager of Splunk Security, and Fred Frey, Splunk's director of software engineering, discussed how agentic AI is becoming a critical tool in the SOC. "The industry has been modernizing the security operations center for many years," Morgan said, "but it's still the case that threats are overwhelming our analysts. Now we have an obligation to stop analyst burnouts and stop threats from entering into our SOC. And we're going to think about doing this with AI and with agents. This is what we call the Agentic SOC." Frey emphasized that getting the Agentic SOC right is imperative, and he outlined key elements. "Agents out of the box is not what we need," Frey said. "We need agents to understand our business practices, our data, our query structure, the way we investigate alerts today. Agents can consume, retain, and recall massive amounts of data, and it's critical for them to surface them at just the right time. This builds trust; as it's learning our systems and our processes, we're building trust." Morgan believes that agentic systems, while not without risk, can be a game changer in empowering security teams - to enable an agentic future that's secure, trusted, and driving all-new efficiencies and innovations. "With the right trust and governance model," he concluded, "agentic systems can be powerful allies with us. An Agentic SOC provides certainty in a world that's full of non-predictability at this point. With threats running at machine speed, humans are going to need help. We need agents in our SOC, but this is not about replacing people. This is about empowerment. Empowering people to not just respond, but to predict and be proactive." John Morgan, SVP and GM, Splunk Security talks about how Cisco and Splunk work together to fortify the SOC

Splunk's Agentic SOC: six AI agents that automate Security Operations. At RSAC 2026, Splunk unveiled six specialized AI agents for Enterprise Security - from detection building to malware reversing to guided response. The SOC is no longer a human-only operation. OpenClaw Team The Security Operations Center is getting its own AI workforce. At RSAC 2026, Splunk announced six specialized AI agents embedded directly into Enterprise Security (ES) - each designed to handle a specific, time-consuming SOC task that currently burns out human analysts. This isn't a chatbot bolted onto a SIEM. It's a fundamental rethinking of how security operations work. The breaking point. Modern SOCs are drowning. Tool sprawl generates millions of alerts. Skilled analysts are chronically burned out. Shadow IT creates blind spots. And AI-powered attackers move faster than any human-led response team can handle. "The traditional reactive SOC model is no longer sustainable," Splunk stated in its RSAC 2026 announcement. The solution: transition from human-led manual workflows to an "Agentic SOC" where AI agents handle the repetitive heavy lifting so human analysts can focus on strategy and high-value defense. The six agents. 1. Detection Builder Agent. Goes from detection hypothesis to production in minutes. Imports, tunes, and tags detections - a task that previously required deep SPL expertise and hours of iteration. 2. SOP Agent. Imports security Standard Operating Procedures into Splunk ES response plans using multimodal LLMs. Other agents can then execute these SOPs automatically, turning documentation into executable workflows. 3. Triage Agent. Autonomously enriches, prioritizes, and explains alerts. Reduces the alert fatigue that drives analyst burnout by handling the initial assessment that currently consumes most of a Tier 1 analyst's day. 4. Malware threat reversing agent. Already available in Splunk Attack Analyzer. Provides instant insight into malware threats with summaries and step-by-step breakdowns of malicious scripts - no manual reverse engineering required. 5. Guided Response Agent. Automatically executes response actions (quarantining, blocking, isolating) based on the SOC's standard operating procedures. The SOP Agent defines what should happen; the Guided Response Agent makes it happen. 6. Automation Builder Agent. Translates natural language into functional, tested SOAR playbooks. A security engineer can describe a workflow in plain English and get a working automation - dramatically accelerating playbook development. The infrastructure behind the agents. The agents don't operate in isolation. Splunk also announced two foundational capabilities: Detection Studio (GA) provides a unified workspace for the entire detection lifecycle - plan, develop, test, deploy, and monitor. Coverage maps against MITRE ATT&CK to identify gaps, with real-time validation of detection quality. Exposure Analytics (GA coming soon) automatically discovers assets and users across the environment using data already being ingested. No additional agents or tools required - it creates a "Security Truth Layer" that provides context-rich Entity Risk Scores for prioritization. Federated Search (updated) lets security teams search across S3, Iceberg, and other data stores without ingesting data into Splunk. This addresses the cost explosion that comes with comprehensive visibility - a problem OpenClaw covered in its earlier piece on observability costs in the agentic era. The Agentic SOC model. | Traditional SOC | Agentic SOC | | Analysts manually triage alerts | Triage Agent handles initial assessment | | Hours to build a detection | Detection Builder Agent: minutes | | SOPs exist as documents | SOP Agent makes them executable | | Manual incident response | Guided Response Agent acts automatically | | Playbook creation needs SOAR expertise | Automation Builder Agent: plain English | | Reverse engineering is specialized | Malware Agent provides instant analysis | The human analyst doesn't disappear - they become the strategic layer. They define the rules, review the edge cases, and handle the novel threats that require creativity and judgment. The mechanical work gets delegated to agents. What this means for the broader agent ecosystem. Splunk's announcement is significant for two reasons: First, it validates the agent-per-task architecture. Rather than building one monolithic "security AI," Splunk created six specialized agents that each do one thing well. This mirrors how the OpenClaw ecosystem works - discrete skills and agents composed into workflows. Second, it demonstrates that enterprises are ready to trust AI agents with consequential actions. The Guided Response Agent doesn't just recommend quarantining a compromised endpoint - it executes the quarantine. That's a meaningful trust boundary being crossed in production. For OpenClaw users running their own security monitoring, the pattern is instructive: specialized agents with clear scope, human-defined SOPs, and automated execution with audit trails. The same architecture works whether you're a Fortune 500 SOC or a solo developer with a Mac Mini. The age of the human-only SOC is ending. The question isn't whether AI agents will handle security operations - it's whether your agents will be ready before the attackers' agents are. Liked this article? Try OpenClaw. Stop reading about automation - start using it. OpenClaw connects to your email, calendar, code, and smart home from WhatsApp or Telegram. More OpenClaw guides and analysis connected by topic, tags, and content overlap. Security - Mar 25, 2026 Seceon launches ADMP at RSAC 2026 - continuous discovery, behavioral baselining, and real-time protection for autonomous AI agents, LLM APIs, RPA bots, and machine identities. Plus SeraAI 2.0 resolves 70% of SOC incidents without human intervention. Security - Mar 24, 2026 Google's biggest RSAC 2026 push: agentic automation in Security Operations with Triage and Investigation agents, Wiz acquisition complete with AI-APP and red/blue/green agents, dark web intelligence agents with 98% accuracy, and M-Trends 2026 revealing 22-second adversary handoffs. Security - Mar 24, 2026 SentinelOne goes GA on four products at RSAC 2026: Prompt AI Agent Security for real-time agent governance with MCP monitoring, Prompt AI Red Teaming for continuous AI application testing, Purple AI Auto Investigation for one-click agentic SOC, and AI data pipelines that cut SIEM noise by 80%. Ready to try OpenClaw? Join the waitlist for managed hosting. OpenClaw'll notify you when your spot is ready. No credit card required. OpenClaw'll notify you when hosted service launches.