Network Security at Agentic Speed: 5 Takeaways from Tufinnovate 2026

1. Tufin is building toward governed, agentic action 

The Tufin Product Roadmap session showed how Tufin is translating that Agentic AI strategy into the platform. 

Tufin Agentic AI agent in action:

Ruth Gomel, VP of Product Management at Tufin, and Shay Dayan, SVP, Product and Engineering Management at Tufin, outlined a progression from AI assistants to deeper intelligence to purpose-built agents for core network security workflows. 

At the center of that roadmap are four new purpose-built Agentic AI agents Tufin is building now: 

• Compliance Agent to continuously validate network segmentation and access against compliance requirements and flag violations immediately 
• Policy Recertification Agent to map rules to owners, request approval, and help eliminate unnecessary access 
• Application Deployment Agent to validate connectivity requirements against policy and help deploy compliant network access 
• Network Security Posture Agent to prioritize vulnerabilities based on real connectivity exposure, attack paths, and critical assets 

These agents target the jobs that consume the most time and carry the most risk. 

Rather than adding more alerts or disconnected automation, Tufin is building agents around workflows security teams already need to execute with precision. The broader point from the roadmap session was that this only works if the underlying data is trustworthy, and the actions remain governed.

As Ruth put it: 

“Good AI comes from good data.”

2. Legacy security processes are breaking under faster change 

One of the clearest themes from the event was that security teams are being asked to manage a very different operating environment than the one their processes were built for. 

In the opening keynote session, Jared Myers, Director of OverWatch at CrowdStrike, described AI as “a bit of a force multiplier for adversaries,” accelerating phishing, reconnaissance, and vulnerability research rather than inventing an entirely new attacker model. Assaf Karen, Chief Security Officer at Qualtrics, made the same point from the defender side: AI is compressing the attack chain and making attackers more effective at scale. 

That pressure showed up throughout the day: 

• Internal teams are deploying more AI-driven workflows 
• Agents are initiating or influencing more change 
• Attackers are moving faster with AI 
• Defenders are being asked to keep control without slowing the business 

The event’s message was direct: legacy security processes were not built for the speed of the agentic era. Manual reviews, human-paced governance, and after-the-fact validation were built for a slower world. They do not hold up when connectivity changes continuously, and short-lived openings can turn into real exposure. 

In the Network Security int he Agentic Era session, Spear put it simply: 

“If we can’t see the change, I can’t govern it.” 

That is the challenge now. The issue is no longer just complexity. It is complexity moving faster than traditional controls can keep up. 

3. Network Connectivity context is the foundation for real risk reduction

Another major takeaway from Tufinnovate 2026 was that visibility alone is not enough. Security teams need context. 

Again, speakers came back to the same operational question: what is reachable right now, and should it be? 

That is why Tufin’s story centers on connectivity. If teams cannot understand who can talk to whom across the enterprise, they cannot prioritize the exposures that matter most, validate segmentation, or prove posture with confidence. 

As Spear put it: 

“Defenders think in lists and attackers think in graphs.” 

That quote gets to the core problem. Many teams are still trying to manage security through rule lists, tickets, and point tools. Attackers move through paths. They care about what connects, what is reachable, and what can be chained together. 

In practical terms, connectivity context helps teams: 

• See what is reachable right now
• Prioritize the exposures that matter most 
• Validate whether segmentation is really holding 
• Distinguish real risk from noisy alerts 
• Focus remediation on paths attackers can use 

That is why Tufin positioned the Dynamic Network Connectivity Graph as the foundation for its strategy. The Graph is the system of record for network exposure: a normalized model of devices, policies, paths, applications, and connectivity across the hybrid, multi-vendor network.  

4. Practical AI matters more than generic AI

Tufinnovate 2026 did not treat AI as a buzzword. The stronger sessions focused on where AI is already useful, where it still needs guardrails, and why grounded data matters more than broad claims. 

A quote from Dan Roberts, Director of AKIPS Business Operations at AKIPS, captured that especially well in the AKIPS Innovation Lab session: 

“Visibility is no longer the hard part. We have more telemetry than ever. The challenge now is how quickly can we turn that visibility into action.” 

That idea ran through the event. AI is useful when it helps teams reduce noise, understand context faster, and act through governed workflows. It is less useful when it adds another disconnected layer of abstraction. 

In the keynote, Asaf Karen argued that security leaders should not block AI outright, because doing so creates a capability gap between defenders and attackers. But he also made clear that governance and architecture still matter deeply. 

The Tufin Leadership Forum session pushed that further. Spear described the challenge in three parts: 

• Securing AI 
• Securing with AI 
• Securing against AI 

The event also gave that progression a clear structure. Tufin described its AI evolution in three layers: 

• Assistants that help humans work faster 
• Intelligence that surfaces risk across the network 
• Agentic AI that uses proven playbooks to monitor and act on the network’s behalf 

That framing matched what showed up in the Tufin Innovation Lab session, where Ricky Ecke, Director of Sales Engineering for the Americas at Tufin, showed how Tufin is using AI to make existing workflows faster and easier to use. 

5. The network is entering the agentic era — and security must adapt

Tufinnovate 2026 was ultimately about a shift in operating reality. 

Threat actors are accelerating with AI. Internal change is accelerating too. And security teams can no longer rely on slow, manual processes to understand exposure or keep policy aligned with intent. 

Across the event, the strongest conclusion was also the simplest: posture must be continuous. Teams need to understand connectivity, see what is reachable, validate segmentation, and control change across the enterprise as it happens. 

That is where we drew its line. Our argument is that the right foundation for this new model includes a precise network data layer, broad multi-vendor coverage, proven playbooks, and vendor-agnostic agentic AI working through a unified control plane. 

Spear’s quote still says it best: 

“Familiar complexity at unfamiliar speed.” 

That is the challenge security teams are facing now. Tufinnovate 2026 made the case that meeting it will require more than visibility, more than automation alone, and more than isolated AI features. It will require trusted network understanding and governed action built for a multi-vendor environment that no longer moves at human pace. 

Missed the live event? Watch the Full Tufinnovate 2026 On-Demand.