Become a Client
Fernando Montenegro
Request an Analyst Session

“The broad evolution of and interest in agentic AI is extremely important to cybersecurity teams. As a new technology, the adoption of agentic AI across the organization means that security teams must quickly understand the technology, analyze the impact it may have on security posture, determine how to secure it, and implement these changes while supporting innovation and experimentation. That same technology, however, can potentially be a boon to security teams themselves, as they use it selectively to assist with well-defined security tasks.”

Fernando Montenegro

Vice President & Practice Lead, Cybersecurity & Resilience

Linkedin

Agentic AI Is a Focus for Cybersecurity Teams

As we reach the halfway mark for 2025, our initial prediction about increased efforts around agentic AI in cybersecurity was accurate: we saw and continue to see significant activity around agentic AI in security, both in terms of “securing agentic” and “using agentic for security.” We expect increased adoption of agentic workflows in security operations teams, particularly as large vendors fine-tune their agentic offerings.

  • Widespread Popularity Within the Business: The emergence of agentic technology is of great interest to businesses seeking efficiencies across numerous processes, and technology vendors have responded in earnest, with numerous announcements in the past few months.
  • Securing Agentic AI Is a Complex Undertaking: Agentic technology includes several aspects that must be addressed, including code security, identity management, data security, and more. The emergence of protocols such as Model Context Protocol (MCP) and Agent2Agent (A2A) brings new challenges for security teams to tackle.
  • Technology Can Be Applied to Security Use Cases: On the flip side, agentic technology has increasingly been seen as well-suited for well-defined use cases in cybersecurity, including scenarios in application security, security operations, and more.
  • Enrichment for Security Events and Alerts: Agents can be beneficial in aggregating information from multiple sources based on a deeper understanding of the underlying content. This can be applied to time-sensitive investigations where security analysts must understand the context of possible incidents. Releases from security operations vendors, including but not limited to CrowdStrike, SentinelOne, Microsoft, Cisco, Palo Alto Networks, Trend Micro, and others, evidence this.
  • Better Event Triage: Agentic AI is proving particularly useful in scenarios where the domain model, which describes how complex the context the agent needs to understand, is relatively well-defined. This works well in many security operations scenarios where automated triage can help reduce the analyst workload. A good example of this has been Microsoft’s release of a suite of agents that, among other things, automatically handle lower-level email alerts.
  • Scale Up Threat Hunting: Many security teams proactively look for signs of potential intrusion through threat hunting, but this can be a time-consuming activity requiring deep domain knowledge. Agentic technology can potentially assist here by offloading well-defined tasks from the human threat hunters. The recent advancements with the use of MCP servers connecting agents to existing security tools can be particularly useful here.

Fernando Montenegro serves as the Vice President & Practice Lead for Cybersecurity & Resilience at The Futurum Group. In this role, he leads the development and execution of the Cybersecurity research agenda, working closely with the team to drive the practice’s growth. His research focuses on addressing critical topics in modern cybersecurity. These include the multifaceted role of AI in cybersecurity, strategies for managing an ever-expanding attack surface, and the evolution of cybersecurity architectures toward more platform-oriented solutions.

Before joining The Futurum Group, Fernando held senior industry analyst roles at Omdia, S&P Global, and 451 Research. His career also includes diverse roles in customer support, security, IT operations, professional services, and sales engineering. He has worked with pioneering Internet Service Providers, established security vendors, and startups across North and South America.

Fernando holds a Bachelor’s degree in Computer Science from Universidade Federal do Rio Grande do Sul in Brazil and various industry certifications. Although he is originally from Brazil, he has been based in Toronto, Canada, for many years.

Recent Insights, News & Research

Zscaler Bets on Agentic AI Security at Zenith Live 2026
June 12, 2026
 

Zscaler Bets on Agentic AI Security at Zenith Live 2026

Fernando Montenegro, VP at Futurum, analyzes Zscaler's Zenith Live 2026 platform announcements spanning agentic AI security and Zero Trust SASE, in a market where every major vendor is converging on...
Fernando Montenegro
CrowdStrike Falcon Aims to See Inside the AI Factory
June 9, 2026
 

CrowdStrike Falcon Aims to See Inside the AI Factory

Fernando Montenegro, VP at Futurum, analyzes CrowdStrike's integration of NVIDIA DOCA Argus telemetry into Falcon Next-Gen SIEM and what it means for AI factory security....
Fernando Montenegro
Cisco Live 2026: Platform, Silicon, and Security for the Agentic Era
June 8, 2026
 

Cisco Live 2026: Platform, Silicon, and Security for the Agentic Era

Fernando Montenegro, VP at Futurum, covers Cisco Live 2026 and analyzes Cisco's transformation from product portfolio to integrated platform, with a focus on agentic security, infrastructure scale, and the orchestration...
Fernando Montenegro
The Autonomous IT Imperative
June 2, 2026

The Autonomous IT Imperative

In our latest Market Report, The Autonomous IT Imperative, completed in partnership with Tanium, Futurum Research examines why traditional IT operations and security models are reaching their limits—and how Autonomous...
Fernando Montenegro
Cybersecurity Market to Reach $521B by 2031; Buyer Budget Growth Slows
June 1, 2026

Cybersecurity Market to Reach $521B by 2031; Buyer Budget Growth Slows

Fernando Montenegro, VP and Cybersecurity Practice Lead at Futurum, shares findings from the 1H 2026 Cyber Market Sizing and Decision Maker Survey: $521.7B by 2031 at 7.6% CAGR, with buyer...
Fernando Montenegro
Does Sophos' Agentic SOC Data Change the MDR Conversation
May 29, 2026
 

Does Sophos’ Agentic SOC Data Change the MDR Conversation?

Fernando Montenegro, VP at Futurum, analyzes Sophos' agentic SOC production data, examining what the 89-second response time and 52% AI resolution rate mean for the MDR market and Sophos' platform...
Fernando Montenegro
All Content by this Analyst

Welcome to The Futurum Group

Login to The Futurum Group
Login to Futurum Intelligence Platform
Login to Futurum Labs Research Library

Book a Demo

Newsletter Sign-up Form

Get important insights straight to your inbox, receive first looks at eBooks, exclusive event invitations, custom content, and more. We promise not to spam you or sell your name to anyone. You can always unsubscribe at any time.

All fields are required






Thank you, we received your request, a member of our team will be in contact with you.