Elia Zaitsev, CTO at CrowdStrike, outlines key AI‑driven security shifts—from prompt injection and AI detection and response to agent‑driven SOC evolution and rising risks from AI and non‑human identities.
Prompt Injection is a Frontier Security Problem
Just as phishing defined the email era, prompt injection is defining the AI era. Adversaries are embedding hidden instructions to override safeguards, hijack agents, steal data, and manipulate models – turning the AI interaction layer into the new attack surface and prompts into the new malware.
In 2026, AI Detection and Response (AIDR) will become as essential as EDR, with organizations requiring real-time visibility into prompts, responses, agent actions, and tool calls to contain AI abuse before it spreads, ensuring AI drives innovation, not risk.
The Rise of Security Orchestrators
Adversaries are already using AI to move faster than humanly possible – and legacy SOCs can’t keep up. In 2026, defenders will evolve from alert handlers to orchestrators of the agentic SOC: intelligent agents that reason, decide, and act across the security lifecycle at machine speed, always under human command. This is the model that will reshape the balance between adversaries and defenders, accelerating outcomes and giving humans the time and clarity to focus on strategy, judgment, and impact.
The success of this evolution will depend on the following pre-requisites:
- Providing both agents and analysts complete environmental context with the ability to immediately action any signal.
- An agentic workforce of mission-ready agents trained on years of expert SOC decisions to automate high-friction tasks with speed and precision.
- Benchmarks and validation to prove the effectiveness of agents.
- The ability for organizations to build and customize their own agents to satisfy unique needs.
- Orchestrating agent-to-agent and analyst-to-agent collaboration within one coordinated system guided by human expertise.
Security analysts are not going away – they’re being elevated by a fleet of agents that work at machine speed.
AI Identity Management
In 2026, AI agents and non-human identities will explode across the enterprise, expanding exponentially and dwarfing human identities. Each agent will operate as a privileged super-human with OAuth tokens, API keys, and continuous access to previously siloed data sets, making them the most powerful and most dangerous entities in your environment.
Identity security built for humans won’t survive this shift. Security teams will need real-time visibility, instant containment, and the ability to trace every agent action back to the human who created it. When an AI agent wires money to the wrong account or leaks intellectual property, “the AI did it” won’t be an acceptable answer. This is the era where identity security means protecting entities that don’t have a pulse.