Trials and demos
How to buy

Cisco at RSAC™ 2026 Conference

March 23-26, 2026 | San Francisco, CA
Cisco Booth 6044 and Splunk Booth 6144

Register now Contact us

Security for the agentic era. Open by design. AI by default.

Join us at RSAC and discover how Cisco and Splunk, a Cisco company, are redefining security for a new era of agents, AI, and innovation. Together, Cisco and Splunk deliver an open, network-native platform purpose-built to enable and secure the agentic enterprise at scale.

Explore hands-on demos, dive into the theater sessions, meet Cisco and Splunk experts, and learn how open, AI-powered security is transforming businesses just like yours.

Head to the North Hall and visit our booths to see the future of security in action. Cisco Booth 6044 and Splunk Booth 6144, located side-by-side. 
Jeetu Patel​, President and Chief Product Officer​​, Cisco headshot

Keynote

Reimagining security for the agentic workforce

Monday, March 23​ | 4:15–4:35 p.m. 

AI agents are being deployed at machine speed and unlimited scale, and they are challenging the foundational assumptions every security architecture was built on. The agentic era doesn't just expand the threat surface. It demands a new governing model for how trust is established, how access is granted, and who is accountable when something goes wrong. It's time for a new model.

  • Jeetu Patel​, President and Chief Product Officer​​, Cisco

Can't make it to RSAC 2026 this year? Be sure to view the live stream at RSAC or check back here the next day to view the recording.

Catch the live stream
John Morgan and Fred Frey of Splunk headshots

Keynote

Lessons from the agentic frontier: How the SOC is winning in the AI era ​

Tuesday, March 24 | 3:35-3:55 p.m. ​

Agentic AI is transforming SecOps, enabling machines to decide and act at machine speed. While this drives innovation, it also fuels advanced threats. The agentic SOC is the new model: defenders shift from reactive response to proactive strategy, blending automation with human leadership. This session shares practical insights on building a human-led, machine-accelerated SOC for the AI era.

  • John Morgan, Cybersecurity Executive Leadership, Splunk
  • Fred Frey, Director of AI Engineering for Security Products, Splunk

Speaking sessions

Cisco Partner Perspective Track Session

From chatbots to change agents: Securing agentic AI​

Monday, March 23 | 2:20-3:10 p.m.

As organizations race to deploy agentic AI, a new security paradox emerges: the autonomy that makes these agents powerful also makes them impossible to secure with traditional human-centric controls. Your AI agents are having an identity crisis—and it’s yours to solve. In this session we'll explore how identity-centric security, zero trust, and SASE come together to secure agentic AI. 

  • Matt Caulfield, VP of Product, Identity, Cisco
  • Kevin Kennedy, VP of Product Marketing, Cisco 
Register: Securing agentic AI​

Cisco Partner Perspective Track Session

When AI steals your patch window: Beating the clock with runtime defense 

Tuesday, March 24 | 1:15-2:05 p.m. 

AI is collapsing exploitation timelines from weeks to hours—mining vulnerabilities, automating exploits, and mapping lateral attack paths before patches exist. Traditional patch cycles can't keep pace. This session delivers practical examples of runtime exploit shielding, East-West traffic controls that block lateral movement, and Attack Path Analysis that surgically hardens your critical assets.

  • Dan Wendlandt, VP of Product Management, Cisco 
Register: Runtime defense 

Splunk Partner Perspective Track Session

Building an agentic SOC: Practical ways defenders win with AI

Tuesday, March 24 9:40-10:30 a.m.

This session will share real SOC lessons from a leading SecOps provider. Learn what works now: when to trust automation, when to keep humans involved, and how to redesign workflows for effective defense. Attendees will gain practical strategies for an agentic SOC—prioritizing use cases, measuring impact, and scaling AI-driven defenses safely. 

  • Dave Dalling, GVP, Global Cyber Strategy, Splunk
  • Ashwin Rajendra, Manager, Detection & Automation Engineering, Kimberly Clark
Register: Agentic SOC

Supply chain under siege: Strategic defense in a regulated world

Wednesday, March 25 | 1:15-2:05 p.m.

This panel will explore how increasingly strict global regulations and rising supply chain attacks are reshaping supply chain security strategy. Experts will share legal, technical, and operational insights to help CISOs and risk managers build resilient, compliant supply chain defense programs in a new era of legal mandates for supply chain security.

Panel: 

  • Christopher Hale, Senior Director, Cyber and National Security Law, Cisco
  • Kate Growley, Partner & Senior Director, Crowell & Moring LLP & Crowell Global Advisors
  • Cassie Crossley, CEO & Co-founder, VulNow
  • Katherine McDaniel, Director, Cyber Legal, T-Mobile
Register: Supply chain

Beyond Jericho: Salvaging zero trust from Buzzword Bingo

Wednesday, March 25 | 1:15- 2:05 p.m.

Despite years of enthusiasm since the Jericho Forum and Google's BeyondCorp, many still struggle to implement zero trust. The principles are known, but operationalizing ZTA stalls. Have CISOs been gaslit? The disconnect between promise and reality is painful. This session will deliver a practical framework for turning buzzwords into building blocks for successful programs.

  • Helen Patton, Cybersecurity Advisor, Cisco
  • Wolfgang Goerlich, CISO, Oakland County
Register: Beyond Jericho

Exclusive events

Be on the cutting edge of innovation

Tuesday, March 24 | 3-7 p.m. | Convene | 100 Stockton, Pacific Hall, Level 5 (5-minute walk from the Moscone Center)

Join top security leaders and Cisco executives, at Convene, for real conversations around AI, zero trust, ransomware, cloud security, and identity—designed to help you stay resilient, adaptive, and confident in the face of what comes next. Cut through the conference noise with an afternoon full of innovation, strategic insight, and networking—complete with food and beverages. 

Reserve your spot

Kick off RSAC™ 2026 with an exclusive evening with Splunk at Madarae

Tuesday, March 24 | 6:30-9 p.m. | Madarae | 46 Minna St

Enjoy engaging conversations and valuable networking opportunities with Splunk security leaders and industry peers while experiencing good beats and a lively atmosphere that will set the tone for the week ahead. Savor delicious drinks and bites as you connect with others in a unique, vibrant setting. Please note that an RSAC 2026 badge is required for entry, and space is limited—so be sure to sign up now.

Save your spot

Decade of defense: 10 years of SOC securing RSAC

Secure your spot: RSAC 2026 SOC tour—see network security in action

Ever wondered what it takes to secure a major conference network? Join us for an exclusive Security Operations Center (SOC) tour at RSAC 2026.

Wrap up RSAC with our Cisco and Splunk SOC report session

PROTECTED: The 7th Annual Report from the SOC at RSAC™

Security Operations Center (SOC) tours

Cisco and Splunk are providing SOC services to RSAC 2026 Conference, monitoring traffic on the Moscone wireless network for security threats. Experience the SOC of the Future, powered by Cisco Security Cloud and Splunk Enterprise Security, with advanced protection from Firepower Threat Defense, Duo Identity, AI Defense, and Talos Intelligence. Endace continuous packet capture is fully integrated to provide comprehensive visibility and rapid response.

During your visit, you'll receive a live security briefing and engage in Q&A with Cisco and Splunk engineers. Tours are offered at the times listed below, and advanced registration is highly recommended (max of 35 people per tour).

Tuesday, March 24

  • 10:10 a.m.
  • 3:00 p.m.
  • 5:00 p.m.

Wednesday, March 25

  • 10:10 a.m.
  • 3:00 p.m.
  • 5:00 p.m.

Thursday, March 26

  • 10:10 a.m.
  • 1:00 p.m. 
Reserve your tour

PROTECTED: The 7th Annual Report from the SOC at RSAC™

Thursday, March 26 | 1:30-2:20 p.m.

This session will share the experiences of the team securing the RSAC™ wireless network within the Security Operations Center. Attendees will learn about the network security, interesting activities observed, and innovations implemented. Join us to hear what's new at the Annual Report from the SOC at RSAC. Although this is the 7th year of the report session, this is the 10th year of the SOC at RSAC.

  • Jessica Oppenheimer, Director Security Operations
  • Tony Iacobelli, Senior Manager, Splunk Advanced Response

Security Operations Center (SOC) tours

Cisco and Splunk are providing SOC services to RSAC 2026 Conference, monitoring traffic on the Moscone wireless network for security threats. Experience the SOC of the Future, powered by Cisco Security Cloud and Splunk Enterprise Security, with advanced protection from Firepower Threat Defense, Duo Identity, AI Defense, and Talos Intelligence. Endace continuous packet capture is fully integrated to provide comprehensive visibility and rapid response.

During your visit, you'll receive a live security briefing and engage in Q&A with Cisco and Splunk engineers. Tours are offered at the times listed below, and advanced registration is highly recommended (max of 35 people per tour).

Tuesday, March 24

  • 10:10 a.m.
  • 3:00 p.m.
  • 5:00 p.m.

Wednesday, March 25

  • 10:10 a.m.
  • 3:00 p.m.
  • 5:00 p.m.

Thursday, March 26

  • 10:10 a.m.
  • 1:00 p.m. 
Reserve your tour

Visit our booths to explore a variety of demos

North Hall Booth 6044

North Hall Booth 6144

Demo Description

Mind the gaps, stop the spread

Hybrid Mesh Firewall​

Attackers rely on unchecked lateral movement. See how Cisco Hybrid Mesh Firewall meets you where you are on your segmentation journey—delivering both agentless and agent-based segmentation across traditional and modern workloads, including Kubernetes. Reduce your attack surface and contain threats before they spread.

Protect industrial environments

Hybrid Mesh Firewall​

IT and OT convergence shouldn't mean increased risk. See how Cybervision, Cisco Identity Services Engine (ISE), and Cisco Secure Firewall work together to deliver unified threat detection and policy enforcement across industrial environments—without disrupting the production systems your operations depend on.

Stop zero days and encrypted threats

Hybrid Mesh Firewall​

Policy sprawl is a security risk. See how Cisco Security Cloud Control gives you a single place to manage and deploy L3/4 policies across Cisco and non-Cisco firewalls, and apply L7 inspection to uncover threats hiding in encrypted traffic—driving consistent enforcement across your entire enterprise.

Protect AI apps with Cisco AI Defense

Hybrid Mesh Firewall​

You can't protect what you can't see. See how Cisco AI Defense automatically discovers AI assets across your enterprise, maps your AI ecosystem, and delivers purpose-built protection against threats targeting AI applications—giving you the centralized visibility and control needed to keep your AI investments secure and compliant.

Zero trust for the agentic workforce

Zero Trust Access​

AI agents are taking on business-critical work—and that means they need to be secured like any other privileged identity. See how Cisco Zero Trust for Agentic AI gives security teams visibility into agent activity, enforces fine-grained access controls, and enables real-time intervention when agent behavior puts data or systems at risk.

Optimize identity-driven segmentation

Zero Trust Access​

Network location alone is no longer a reliable trust signal. See how Cisco Identity Services Engine (ISE) and TrustSec enforce segmentation based on who or what is connecting—dynamically applying identity-based policies across campus and data center environments.

Outsmart identity attacks

Zero Trust Access​

Identity is the leading cause of breaches—and the foundation of zero trust. See how Cisco's security-first IAM approach stops identity-based attacks with end-to-end phishing resistance, while Cisco Identity Intelligence feeds continuous risk insights into your broader security stack to enable dynamic access decisions and real-time threat response.

Instant attack verification

Agentic SOC

Alert fatigue shouldn't slow down your response to real threats. See how Cisco XDR uses AI to surface and prioritize the incidents that matter most—while Cisco XDR Forensics enables remote acquisition of digital evidence at scale, accelerating investigations without breaking chain of custody.
Demo Description

Build the agentic SOC on a data fabric foundation

Agentic SOC

The Cisco Data Fabric is purpose-built for the AI era, enabling organizations to innovate faster, strengthen security, and achieve greater business agility. By unifying and activating machine data from every corner of the enterprise, the framework delivers turnkey solutions that reduce cost and complexity while overcoming the challenges of managing distributed data at scale. This capability breaks down traditional data barriers, enabling faster, more accurate threat detection and response through real-time, AI-enhanced analytics without compromising data governance or security.

Deploy AI agents for the SOC

Agentic SOC

Strengthens alert triage with AI-powered prioritization and context. Obtain key details and guided automation and response and help analysts quickly assess findings by leveraging multiple services to reduce noise and focus on what matters. 

Author and tune detections

Agentic SOC

Obtain a complete detection lifecycle experience that enables detection engineers to seamlessly plan, develop, test, deploy, and monitor detections, thereby improving confidence in detection deployment and enabling faster mean-time-to-detect. 

Automate and orchestrate SOC workflows

Agentic SOC

Accelerates time-to-value and enables teams to identify, configure, and validate automation content faster—turning natural language prompts into tested SOAR playbooks that just work, without requiring deep platform expertise. 

Build custom security apps

Agentic SOC

Unlock addtional use cases and capabilities that re-use security data with apps like Splunk Detection Insights, Splunk App for Fraud Analytics, and the Splunk OT Security add-on.

Unlock asset visibility and insights

Agentic SOC

Generate accurate, comprehensive inventories of asset and identity entities, and their interrelationships within Splunk ES, enabling complete, current, and context-rich asset and identity data. 

Integrate TDIR workflows

Agentic SOC

Learn how to simplify the analyst experience through integrated workflows and merging Splunk Security capabilities into one platform.

Identify and mitigate insider threats

Agentic SOC

Mitigate insider threats in real time using OOTB, proven, and scalable ML models, and trigger high-fidelity alerts fully integrated in investigation workflows​.

Hybrid Mesh Firewall demos

  • Stop lateral movement 
  • Reduce patching gap 
  • Streamline firewall management   
  • Protect critical and industrial environments 
  • Protect AI applications

Zero Trust Access​

  • Control application access   
  • Protect against AI agents   
  • Outsmart identity attacks

Agentic SOC / XDR

  • Instant attack verification​

Agentic SOC

  • Unlock machine data for the SOC  
  • Author and tune detections  
  • Integrated TDIR workflows  
  • Identify and mitigate insider threats  
  • Deploy AI agents for the SOC  
  • Automate and orchestrate SOC workflows  
  • Build custom security apps  
  • Unlock asset visibility and insights

Engage and win

Be sure to visit the Cisco In-Booth Theater for your chance to win

Watch a full in-booth theater presentation and answer the question at the end for a chance to win great prizes. Winners will be chosen from those who participate. Don’t miss out.

Unlock the power of data—Splunk and Cisco T-shirt challenge

Join the fun by collecting two exclusive pins. Explore engaging demos and dynamic theater sessions at both the Splunk and Cisco booths to earn your pins. Once you've earned your pins, head to the iconic T-Shirt Wall at Splunk Booth 6144 to claim your prize.

Follow Cisco Events

Live and on demand

See the latest from Cisco Live around the world

Join us in person, digitally, or on demand to be inspired, discover technical education on a variety of topics, and learn how Cisco will help you connect, protect, and thrive in the AI-driven world.

Explore Cisco Live