The Agentic AI Arms Race – What's Moving the Needle in 2026
- Advisor@AegisIntel.ai
- 21 hours ago

In September we published our original CIO Scorecard showing that identical AI terminology masked 7 fundamentally different architectural approaches to AI. Five months later, every vendor in our analysis has shipped or announced "agentic AI" capabilities. The terminology confusion hasn't resolved—it has intensified. Choosing the wrong architecture still costs 18+ months and $5M+ in sunk costs, but now the marketing fog is thicker.
Here we continue to separate the signal from the noise in this updated series on Cybersecurity AI vendor offerings as we enter 2026.
Key Findings:
- "Agentic AI" now appears in the marketing materials of all 7 vendors we assessed—up from 3 in September 2025
- The market has split into three distinct camps: autonomous SOC (CrowdStrike, SentinelOne), assisted copilot (Microsoft, Fortinet), and platform consolidation (Palo Alto, Zscaler)
- One vendor (Carbon Black/Broadcom) has fallen materially behind, with no agentic AI capability announced while every peer has shipped
- Microsoft's decision to bundle Security Copilot into E5 at no additional cost has fundamentally disrupted competitive pricing dynamics
Bottom Line: The same words still mean different things. But now we have five months of production data, earnings calls, and product launches from which to read the signals with greater precision.
WHAT'S CHANGED: THE 60-SECOND EXECUTIVE BRIEF
Each vendor has made substantive moves in the last 5 months, with continued acceleration in this direction. Here is the compressed version before the deep dive.
CrowdStrike launched Charlotte Agentic SOAR and AgentWorks (the first no-code security agent builder). Charlotte AI is now being included with monthly credits for all eligible Falcon customers. Result: A record $265M net new ARR in Q3 FY2026, up 73% year-over-year.
SentinelOne shipped Purple AI Athena—the most architecturally significant release across all vendors. Athena opens Purple AI to third-party SIEMs (Splunk confirmed) and data lakes, breaking the ecosystem lock-in pattern every vendor was following.
Microsoft bundled Security Copilot into Microsoft 365 E5 with 12 purpose-built agents across Defender, Entra, Intune, and Purview. They also introduced Entra Agent ID—the first identity management framework for AI agents.
Palo Alto launched Cortex AgentiX, an agentic workforce platform trained on 1.2 billion real-world playbook executions, and has surpassed $1B cumulative XSIAM bookings. XSIAM ARR grew 200%+ year-over-year. Acquired Protect AI.
Fortinet formalized FortiAI into three pillars: FortiAI-Assist (GenAI + agentic + AIOps), FortiAI-Protect (threat detection for 6,500+ AI URLs), and FortiAI-SecureAI (AI infrastructure protection). 500+ AI patents.
Zscaler processed nearly 1 trillion AI/ML transactions in 2025. ThreatLabz found enterprise AI systems can be compromised in just 16 minutes. Launched Zero Trust Gateway, Microsegmentation for Cloud Workloads, and B2B Exchange.
Carbon Black completed its Broadcom integration and Symantec merger. No agentic AI, autonomous SOC, or GenAI-assisted investigation capabilities announced. The competitive gap has widened accordingly.
"AGENTIC AI" — FIVE MONTHS LATER, SAME TERM, SEVEN DEFINITIONS
In September 2025, we flagged "agentic AI" as the most dangerous term in cybersecurity vendor evaluations because CrowdStrike, Microsoft, and Fortinet were using it to describe three fundamentally different implementations. Five months later, every vendor in our assessment uses the term. None of them mean the same thing.
Here is what "agentic AI" actually means at each vendor as of February 2026:
CrowdStrike: Autonomous Agent Orchestration
September 2025: 12+ specialized AI agents, 98% accuracy against elite MDR team decisions.
What Changed: CrowdStrike moved from copilot-with-agents to agent-orchestration-as-platform. The no-code builder is architecturally significant—it shifts CrowdStrike from delivering pre-built intelligence to enabling customer-built autonomous workflows. This is a genuine platform evolution, not an incremental release.
Decision Impact: If you evaluated CrowdStrike in September and categorized it as a "SOC copilot with agent capabilities," reassess. The AgentWorks builder and agentic SOAR position it closer to an autonomous SOC platform. However, it remains Falcon-first—the value proposition requires commitment to the CrowdStrike ecosystem.
SentinelOne: Deep Security Reasoning + Data Agnosticism
September 2025: Autonomous endpoint decision engine. Only vendor with true cloudless/offline detection for air-gapped environments.
What Changed: SentinelOne broke the ecosystem lock-in pattern. Every other vendor's AI capabilities work best (or only) within their own platform. Athena's third-party SIEM integration means organizations can deploy Purple AI's reasoning engine on top of their existing data infrastructure without costly migration. This is a strategic inflection point for the market.
Decision Impact: If you have a multi-vendor security stack and are not prepared to consolidate onto a single platform, SentinelOne's data-agnostic approach eliminates the "rip and replace" requirement. However, our original observation stands: SentinelOne relies on community scoring rather than native reasoning for false positive determination—a limitation that matters at enterprise scale. And the offline/air-gapped differentiator, while still unique, is less decisive as cloud connectivity becomes ubiquitous.
Microsoft: From Premium Assistant to E5 Entitlement
September 2025: Natural language security assistant. Force multiplier for Microsoft stack. Fundamentally an assistant, not an autonomous decision engine.
What Changed: The pricing move is the most disruptive action any vendor has taken in this cycle. By bundling Security Copilot into E5, Microsoft transforms agentic security from a premium purchase decision into a baseline capability for their largest customers. This forces every competing vendor to justify their pricing against a "free" alternative embedded in the stack enterprises already own. The agent governance frameworks (Entra Agent ID, Agent 365) are also architecturally ahead of the field—Microsoft is the first vendor treating AI agents as managed entities with verifiable identities and lifecycle controls.
Decision Impact: If you are an E5 shop, activating Security Copilot is now a zero-incremental-cost decision. However, our original characterization remains largely accurate: this is still primarily an assisted copilot model with agentic capabilities layered on top, not an autonomous decision engine. The cross-platform agent disruption (AWS, Okta) is promising but early-stage. Organizations outside the Microsoft ecosystem will see limited value.
Palo Alto Networks: Data Gravity at Scale
September 2025: Thousands of specialized ML models, 100% MITRE ATT&CK detection, prevention-first architecture.
What Changed: XSIAM has transitioned from "promising new platform" to "validated market leader" with financial metrics that back the thesis. The AgentiX launch puts Palo Alto alongside CrowdStrike in the agentic SOC race, with the additional advantage of a proprietary data lake built on 1.2 billion playbook executions. The "Autonomous SOC" positioning is now explicit.
Decision Impact: If you are prepared to go all-in on the Palo Alto ecosystem and feed XSIAM broad telemetry, the data gravity advantage is real and the financial metrics are compelling. Our primary concern remains unchanged: ingestion-based pricing creates significant TCO exposure when you try to deliver the breadth of data XSIAM needs to perform at its best. Model this carefully before committing.
Fortinet: Operational Automation at Fabric Scale
September 2025: Security fabric orchestration across 40M+ sensors. Three-pillar approach, 500+ patents.
What Changed: Fortinet has built the most comprehensive GenAI governance framework of the vendors in this assessment. The ability to detect and control 6,500+ AI application URLs, combined with the data privacy architecture (local processing, no customer data used for training), directly addresses CISO concerns about shadow AI and data leakage.
Decision Impact: Fortinet's agentic AI remains strongest in operational automation (network configuration, fabric-wide policy management) rather than autonomous security investigation. If your primary need is SOC-level autonomous threat detection and response, CrowdStrike and SentinelOne are further ahead. If your primary need is AI-augmented network operations at massive distributed scale plus GenAI governance, Fortinet is unmatched.
Zscaler: Inline AI at Unprecedented Scale
September 2025: 5 trillion daily signals, inline AI inspection at cloud scale, zero trust architecture with embedded AI.
What Changed: Zscaler's position relative to the other vendors has not fundamentally changed—it remains an inline enforcement and access security platform, not a SOC or endpoint detection play. But the scale and intelligence of the data flowing through the Zero Trust Exchange continues to grow at rates that reinforce its position as the infrastructure layer enterprises need for AI-era security.
Decision Impact: Evaluate Zscaler as complementary to your XDR/SOC platform, not as an alternative. The 16-minute compromise finding from ThreatLabz should be treated as a board-level data point for any AI governance discussion.
Carbon Black (Broadcom): The Innovation Gap Widens
September 2025: Cross-data telemetry correlation, unique dual network + endpoint visibility, 1.5 trillion events daily.
What Changed: The competitive gap has widened materially. In September 2025, Carbon Black's lack of AI-native capabilities was notable. In February 2026, it is a strategic liability. Every other vendor in this assessment has shipped production agentic AI capabilities. Broadcom's enterprise cost-optimization approach may deliver margin improvement but does not address the innovation gap.
Decision Impact: Organizations currently on Carbon Black should evaluate migration timelines against their AI-driven SOC modernization requirements. The dual network + endpoint visibility that was Carbon Black's key differentiator is now baseline for modern XDR platforms.
SAME WORDS, DIFFERENT WORLDS — UPDATED
In September 2025, we showed that "AI-driven" meant 7 different things from 7 vendors. In February 2026, we can sharpen that assessment into three strategic camps:
The Autonomous SOC Camp (CrowdStrike, SentinelOne): Pursuing AI that reasons, investigates, and responds with minimal human oversight. Differentiated by depth of autonomous decision-making and accuracy of unsupervised triage. The key question is governance—how do you audit and control AI agents making security decisions at machine speed?
The Assisted Intelligence Camp (Microsoft, Fortinet): AI that augments and accelerates human analysts through natural language interaction, automated alert triage, and workflow optimization. Less risk of autonomous error, but dependent on analyst capacity to realize value. Microsoft's E5 bundling makes this the lowest-barrier entry point for any enterprise.
The Platform Consolidation Camp (Palo Alto, Zscaler): AI capabilities embedded within broader platform plays where the value proposition is data unification and architectural simplification. XSIAM's data gravity model and Zscaler's inline enforcement both require architectural commitment to deliver full AI benefit.
And then there is Carbon Black, which does not currently occupy any of these camps.
WHAT'S NEXT
In the coming weeks, we will publish individual deep-dive assessments for each vendor—detailed architectural analysis, vendor-specific qualification questions for CIOs & CISOs, and decision frameworks aligned to infrastructure profiles. These will deliver on the roadmap we outlined in our original analysis from September 2025 (Q3 2025).
CIOs & CISOs need to make $2-5M decisions based on architecture, not terminology. Follow our series or reach out for confidential consultations on your specific vendor evaluation to cut through the marketing messaging and find the true signal for securing your enterprise.
Aegis Intel, Navigating the AI Evolution with Precision