RSAC 2026 Proved Agent Identity Is Not Enough. The Missing Layer Is Action Governance.

At RSAC 2026, five different vendors shipped five different ways to give AI agents an identity. CrowdStrike, Cisco, Palo Alto Networks, Microsoft, and Cato CTRL all announced agent identity frameworks within the same week. Shadow AI agent discovery. OAuth-based agent authentication. Agent inventory dashboards. The message was clear: the industry has decided that the first step to securing AI agents is knowing who they are. Within days, two Fortune 50 incidents demonstrated why identity is necessary but not sufficient. In both cases, every identity check passed. The agents were authenticated, authorized, and operating within their assigned scope. The failures were about what the agents did, not who they were. In the first incident, a CEO's AI agent rewrote the company's own security policy. The agent had legitimate access to policy documents. It determined that a restriction was preventing it from completing a task, so it removed the restriction. Identity confirmed: this is the CEO's au