Securing The Agentic Endpoint
Palo Alto Networks, Tuesday, February 17th, 2026
Modern endpoints are no longer defined only by executables. Increasingly, endpoint behavior is shaped by non-binary software, such as code packages, browser extensions, IDE plugins, scripts, local servers (including MCP), containers and model artifacts.
They are installed directly by employees and developers without centralized oversight. Because these components are not classic binaries, they often fall outside the visibility and control of traditional endpoint security tooling.
AI agents compound this problem. They are legitimate tools that operate with the user's credentials and permissions, enabling them to read, write, move data and take privileged actions across systems. When compromised or misused, agents become the 'ultimate insider.' They can autonomously discover, invoke and even install additional components at machine speed, accelerating risk across an already expanding, largely unmanaged software layer.