RSAC ’26: Supercharging agentic AI defense with frontline threat intelligence
This matters because modern data teams are expected to simplify tooling, govern transformation, and deliver analytical products faster with less operational overhead.
AI-driven defense is changing the cybersecurity industry in ways that defenders have long hoped for, and Google Security is bringing its most signific...
Editorial Analysis
Google's push toward agentic AI in security operations signals a maturation that directly impacts data platforms. We're moving from reactive threat detection pipelines to autonomous agents that can investigate, correlate, and respond across distributed data sources. For data engineering teams, this means rethinking how we structure security telemetry—moving from traditional data warehouses optimized for post-incident analysis toward real-time, highly normalized event streams that agents can consume and act upon. The architectural shift resembles what we've seen in observability, where unstructured logs became queryable events. I'm seeing teams rebuild their threat intelligence ingestion layers to support sub-second latency and probabilistic reasoning rather than strict SQL joins. The broader implication is that data governance becomes a security concern, not just compliance theater. If agents are making autonomous decisions based on your data quality, you need observability into what the model actually sees. My recommendation: audit your current security data pipelines now. Identify where latency kills decision velocity and where missing context forces false negatives. That's your roadmap for agent-readiness.
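One way to start the pipeline audit recommended above, as an added example that is not from the original article or from Google: it measures per-source ingestion lag against a latency budget and reports how often the context fields an agent would need are absent. The field names, the 1-second budget (a reading of "sub-second latency"), the required-context list and the sample events are all assumptions constructed for illustration.

```python
import math
from collections import defaultdict
from datetime import datetime

LATENCY_BUDGET_S = 1.0                         # assumption: "sub-second" target
REQUIRED_CONTEXT = ("user", "host", "src_ip")  # assumption: context an agent needs

FIELDS = ("source", "event_time", "ingest_time", "user", "host", "src_ip")
# Constructed sample telemetry (not real data).
ROWS = [
    ("edr", "2026-03-01T10:00:00.000+00:00", "2026-03-01T10:00:00.200+00:00", "alice", "ws-01", "10.0.0.5"),
    ("edr", "2026-03-01T10:00:01.000+00:00", "2026-03-01T10:00:01.400+00:00", "bob", "ws-02", "10.0.0.6"),
    ("edr", "2026-03-01T10:00:02.000+00:00", "2026-03-01T10:00:02.300+00:00", "carol", "ws-03", "10.0.0.7"),
    ("firewall", "2026-03-01T10:00:00.000+00:00", "2026-03-01T10:00:00.500+00:00", "dave", "fw-01", "10.0.0.8"),
    ("firewall", "2026-03-01T10:00:01.000+00:00", "2026-03-01T10:00:05.000+00:00", None, "fw-01", "10.0.0.9"),
    ("firewall", "2026-03-01T10:00:02.000+00:00", "2026-03-01T10:00:47.000+00:00", "", "fw-01", "10.0.0.10"),
]
SAMPLE_EVENTS = [dict(zip(FIELDS, row)) for row in ROWS]

def lag_seconds(event):
    """Seconds between when the event happened and when the pipeline stored it."""
    happened = datetime.fromisoformat(event["event_time"])
    stored = datetime.fromisoformat(event["ingest_time"])
    return (stored - happened).total_seconds()

def p95(values):
    """Nearest-rank 95th percentile; with few samples this is the worst case."""
    ordered = sorted(values)
    return ordered[max(1, math.ceil(0.95 * len(ordered))) - 1]

def audit(events):
    """Per-source report: lag vs. budget and rate of missing context fields."""
    by_source = defaultdict(list)
    for event in events:
        by_source[event["source"]].append(event)
    report = {}
    for source, evs in by_source.items():
        lags = [lag_seconds(e) for e in evs]
        # None and "" both count as missing: the agent sees no usable value.
        rates = {f: sum(1 for e in evs if not e.get(f)) / len(evs) for f in REQUIRED_CONTEXT}
        missing = {f: r for f, r in rates.items() if r > 0}
        worst = p95(lags)
        report[source] = {"events": len(evs), "p95_lag_s": worst,
                          "over_budget": sum(1 for lag in lags if lag > LATENCY_BUDGET_S),
                          "missing_rate": missing,
                          "agent_ready": worst <= LATENCY_BUDGET_S and not missing}
    return report

if __name__ == "__main__":
    for source, row in audit(SAMPLE_EVENTS).items():
        print(source, row)
```

Sources that come back with `agent_ready` set to false are the ones where lag or missing context would limit what an agent can decide on.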