RSA Conference 2026: Three Companies Converge on Intent-Based AI Agent Security — Token Security, Geordie AI, and Apono Define New Paradigm

RSA Conference 2026, which wrapped this week, saw a remarkable convergence: three separate companies independently announced intent-based security platforms for AI agents, establishing a new security paradigm for the agentic AI era.

The Core Thesis: Static permissions, inherited human roles, and past behavior patterns cannot adequately secure autonomous AI agents because agent behavior is non-deterministic and goal-oriented. Two agents with identical permissions can behave completely differently depending on what they are trying to accomplish.

Token Security — Identity as the Control Plane: Token Security unveiled intent-based AI agent security that governs autonomous agents by aligning permissions with their intended purpose. CEO Itamar Apelblat stated: "Prompt filtering and guardrails were not designed to fully contain the security risks introduced by autonomous AI agents."

Their platform operationalizes intent-based security through five core capabilities: continuously discovering AI agents and their owners, understanding declared and observed agent intent, dynamically creating and enforcing least privilege access aligned to intent, flagging actions outside intent boundaries, and applying lifecycle governance to prevent access drift and orphaned agents.

Geordie AI — Agent-Native Security (RSAC Innovation Sandbox Finalist): Geordie AI, founded by ex-Darktrace COO Henry Comfort and ex-Snyk CTO Benji Weber, raised $6.5M from Ten Eleven Ventures and General Catalyst. As an RSAC 2026 Innovation Sandbox finalist, they built an "agent-native" security platform for real-time discovery, behavior monitoring, and risk control of AI agents.

Geordie identifies five core enterprise pain points: no unified visibility across agent deployments, no continuous capability auditing, non-deterministic behavior breaking traditional monitoring, expanding risk surface from tool and data integrations, and cascading failures from agent-to-agent collaboration.

Apono — Agent Privilege Guard: Apono launched Agent Privilege Guard, bringing runtime privilege guardrails to enterprise AI agents with intent-based access controls. Their approach enables enterprises to deploy agents at full velocity while ensuring sensitive privileges are governed at every step.

The Gap: Portable Agent Identity: Security analysts noted that while all three companies solve intent-based enforcement within the enterprise perimeter, none address cross-organizational agent identity verification. When agents interact across organizational boundaries, current solutions cannot cryptographically verify who the external agent is — they can only monitor agents within their own infrastructure.

This represents both a validation of agentic AI security as a market category and a signal that the next frontier will be portable, cryptographic agent identity for cross-boundary interactions.