Menu
Become a Client
Fernando Montenegro
Request an Analyst Session

“The broad evolution of and interest in agentic AI is extremely important to cybersecurity teams. As a new technology, the adoption of agentic AI across the organization means that security teams must quickly understand the technology, analyze the impact it may have on security posture, determine how to secure it, and implement these changes while supporting innovation and experimentation. That same technology, however, can potentially be a boon to security teams themselves, as they use it selectively to assist with well-defined security tasks.”

Fernando Montenegro

Vice President & Practice Lead, Cybersecurity & Resilience

Linkedin

Agentic AI Is a Focus for Cybersecurity Teams

As we reach the halfway mark for 2025, our initial prediction about increased efforts around agentic AI in cybersecurity was accurate: we saw and continue to see significant activity around agentic AI in security, both in terms of “securing agentic” and “using agentic for security.” We expect increased adoption of agentic workflows in security operations teams, particularly as large vendors fine-tune their agentic offerings.

  • Widespread Popularity Within the Business: The emergence of agentic technology is of great interest to businesses seeking efficiencies across numerous processes, and technology vendors have responded in earnest, with numerous announcements in the past few months.
  • Securing Agentic AI Is a Complex Undertaking: Agentic technology includes several aspects that must be addressed, including code security, identity management, data security, and more. The emergence of protocols such as Model Context Protocol (MCP) and Agent2Agent (A2A) brings new challenges for security teams to tackle.
  • Technology Can Be Applied to Security Use Cases: On the flip side, agentic technology has increasingly been seen as well-suited for well-defined use cases in cybersecurity, including scenarios in application security, security operations, and more.
  • Enrichment for Security Events and Alerts: Agents can be beneficial in aggregating information from multiple sources based on a deeper understanding of the underlying content. This can be applied to time-sensitive investigations where security analysts must understand the context of possible incidents. Releases from security operations vendors, including but not limited to CrowdStrike, SentinelOne, Microsoft, Cisco, Palo Alto Networks, Trend Micro, and others, evidence this.
  • Better Event Triage: Agentic AI is proving particularly useful in scenarios where the domain model, which describes how complex the context the agent needs to understand, is relatively well-defined. This works well in many security operations scenarios where automated triage can help reduce the analyst workload. A good example of this has been Microsoft’s release of a suite of agents that, among other things, automatically handle lower-level email alerts.
  • Scale Up Threat Hunting: Many security teams proactively look for signs of potential intrusion through threat hunting, but this can be a time-consuming activity requiring deep domain knowledge. Agentic technology can potentially assist here by offloading well-defined tasks from the human threat hunters. The recent advancements with the use of MCP servers connecting agents to existing security tools can be particularly useful here.

Fernando Montenegro serves as the Vice President & Practice Lead for Cybersecurity & Resilience at The Futurum Group. In this role, he leads the development and execution of the Cybersecurity research agenda, working closely with the team to drive the practice’s growth. His research focuses on addressing critical topics in modern cybersecurity. These include the multifaceted role of AI in cybersecurity, strategies for managing an ever-expanding attack surface, and the evolution of cybersecurity architectures toward more platform-oriented solutions.

Before joining The Futurum Group, Fernando held senior industry analyst roles at Omdia, S&P Global, and 451 Research. His career also includes diverse roles in customer support, security, IT operations, professional services, and sales engineering. He has worked with pioneering Internet Service Providers, established security vendors, and startups across North and South America.

Fernando holds a Bachelor’s degree in Computer Science from Universidade Federal do Rio Grande do Sul in Brazil and various industry certifications. Although he is originally from Brazil, he has been based in Toronto, Canada, for many years.

Recent Insights, News & Research

Does the NetApp-Commvault Partnership Signal a Paradigm Shift for Backup?
March 27, 2026
 

Does the NetApp-Commvault Partnership Signal a Paradigm Shift for Backup?

Fernando Montenegro at Futurum examines NetApp and Commvault’s alliance linking storage-layer ransomware detection to automated recovery workflows across hybrid environments....
Fernando Montenegro
Futurum Research Finds Threats and Skills Shortages Dominate SOC Challenges
March 23, 2026

Futurum Research Finds Threats and Skills Shortages Dominate SOC Challenges

Fernando Montenegro, VP and Practice Lead at Futurum, shares insights on new research revealing that sophisticated threats and skills shortages are the primary challenges hindering SOC and risk management efficiency....
Fernando Montenegro
Fortinet’s FortiOS 8.0 Pushes Secure Networking Toward AI Governance
March 16, 2026
 

Fortinet’s FortiOS 8.0 Pushes Secure Networking Toward AI Governance

Fernando Montenegro, VP and Practice Lead, Cybersecurity at Futurum, examines Fortinet’s FortiOS 8.0 adds AI governance, flexible SASE options, and quantum-safe protections to secure networking across hybrid environments....
Fernando Montenegro
Cohesity’s DSPM Bet Blurs the Line Between Visibility and Recovery
March 16, 2026
 

Cohesity’s DSPM Bet Blurs the Line Between Visibility and Recovery

Fernando Montenegro, VP and Practice Lead, Cybersecurity Futurum Research at The Futurum Group, examines Cohesity DSPM, powered by Cyera, ties sensitive data discovery and classification to protection and recovery readiness...
Fernando Montenegro
Commvault-CrowdStrike SIEM Link Tests Bi-Directional Resilience
March 6, 2026
 

Commvault-CrowdStrike SIEM Link Tests Bi-Directional Resilience

Fernando Montenegro, VP and Practice Lead, Cybersecurity at Futurum, examines how Commvault’s bi-directional integration with CrowdStrike Falcon Next-Gen SIEM enables shared backup-integrity telemetry to fasten recovery after cyberattacks....
Fernando Montenegro
CrowdStrike Q4 FY 2026 Earnings Extend ARR Scale and AI Security Focus
March 6, 2026
 

CrowdStrike Q4 FY 2026 Earnings Extend ARR Scale and AI Security Focus

Fernando Montenegro, VP Cybersecurity at Futurum, highlights CrowdStrike’s Q4 FY26 earnings: Falcon expands into AI security, identity, and browser runtime, underscoring consolidation-driven cybersecurity strategies....
Fernando Montenegro
All Content by this Analyst

Welcome to The Futurum Group

Login to The Futurum Group
Login to Futurum Intelligence Platform
Login to Futurum Labs Research Library

Book a Demo

Newsletter Sign-up Form

Get important insights straight to your inbox, receive first looks at eBooks, exclusive event invitations, custom content, and more. We promise not to spam you or sell your name to anyone. You can always unsubscribe at any time.

All fields are required






Thank you, we received your request, a member of our team will be in contact with you.