Become a Client
Fernando Montenegro
Request an Analyst Session

“The broad evolution of and interest in agentic AI is extremely important to cybersecurity teams. As a new technology, the adoption of agentic AI across the organization means that security teams must quickly understand the technology, analyze the impact it may have on security posture, determine how to secure it, and implement these changes while supporting innovation and experimentation. That same technology, however, can potentially be a boon to security teams themselves, as they use it selectively to assist with well-defined security tasks.”

Fernando Montenegro

Vice President & Practice Lead, Cybersecurity & Resilience

Linkedin

Agentic AI Is a Focus for Cybersecurity Teams

As we reach the halfway mark for 2025, our initial prediction about increased efforts around agentic AI in cybersecurity was accurate: we saw and continue to see significant activity around agentic AI in security, both in terms of “securing agentic” and “using agentic for security.” We expect increased adoption of agentic workflows in security operations teams, particularly as large vendors fine-tune their agentic offerings.

  • Widespread Popularity Within the Business: The emergence of agentic technology is of great interest to businesses seeking efficiencies across numerous processes, and technology vendors have responded in earnest, with numerous announcements in the past few months.
  • Securing Agentic AI Is a Complex Undertaking: Agentic technology includes several aspects that must be addressed, including code security, identity management, data security, and more. The emergence of protocols such as Model Context Protocol (MCP) and Agent2Agent (A2A) brings new challenges for security teams to tackle.
  • Technology Can Be Applied to Security Use Cases: On the flip side, agentic technology has increasingly been seen as well-suited for well-defined use cases in cybersecurity, including scenarios in application security, security operations, and more.
  • Enrichment for Security Events and Alerts: Agents can be beneficial in aggregating information from multiple sources based on a deeper understanding of the underlying content. This can be applied to time-sensitive investigations where security analysts must understand the context of possible incidents. Releases from security operations vendors, including but not limited to CrowdStrike, SentinelOne, Microsoft, Cisco, Palo Alto Networks, Trend Micro, and others, evidence this.
  • Better Event Triage: Agentic AI is proving particularly useful in scenarios where the domain model, which describes how complex the context the agent needs to understand, is relatively well-defined. This works well in many security operations scenarios where automated triage can help reduce the analyst workload. A good example of this has been Microsoft’s release of a suite of agents that, among other things, automatically handle lower-level email alerts.
  • Scale Up Threat Hunting: Many security teams proactively look for signs of potential intrusion through threat hunting, but this can be a time-consuming activity requiring deep domain knowledge. Agentic technology can potentially assist here by offloading well-defined tasks from the human threat hunters. The recent advancements with the use of MCP servers connecting agents to existing security tools can be particularly useful here.

Fernando Montenegro serves as the Vice President & Practice Lead for Cybersecurity & Resilience at The Futurum Group. In this role, he leads the development and execution of the Cybersecurity research agenda, working closely with the team to drive the practice’s growth. His research focuses on addressing critical topics in modern cybersecurity. These include the multifaceted role of AI in cybersecurity, strategies for managing an ever-expanding attack surface, and the evolution of cybersecurity architectures toward more platform-oriented solutions.

Before joining The Futurum Group, Fernando held senior industry analyst roles at Omdia, S&P Global, and 451 Research. His career also includes diverse roles in customer support, security, IT operations, professional services, and sales engineering. He has worked with pioneering Internet Service Providers, established security vendors, and startups across North and South America.

Fernando holds a Bachelor’s degree in Computer Science from Universidade Federal do Rio Grande do Sul in Brazil and various industry certifications. Although he is originally from Brazil, he has been based in Toronto, Canada, for many years.

Recent Insights, News & Research

The Hard(er) Challenge in Agent Governance Is Authorization
June 26, 2026

The Hard(er) Challenge in Agent Governance Is Authorization

Fernando Montenegro, VP at Futurum, argues that the launch of the Agent Control Standard does not close the agent governance gap, and that "shrinkage," not universal coverage, is the correct...
Fernando Montenegro
The Hard(er) Challenge in Agent Governance Is Authorization
June 25, 2026

The Hard(er) Challenge in Agent Governance Is Authorization

Fernando Montenegro, VP at Futurum Group, argues that the launch of the Agent Control Standard does not close the agent governance gap, and that "shrinkage," not universal coverage, is the...
Fernando Montenegro
Can Cisco Widen Splunk’s Agentic SOC Capabilities With WideField
June 25, 2026
 

Can Cisco Widen Splunk’s Agentic SOC Capabilities With WideField?

Fernando Montenegro, VP at Futurum, examines Cisco's planned acquisition of WideField Security and how deeper identity and session intelligence could strengthen Agentic SOC capabilities as enterprises deploy more AI agents...
Fernando Montenegro
Everpure's Data Primacy Bet From Storage to System of Record
June 25, 2026
 

Everpure’s Data Primacy Bet: From Storage to System of Record

Fernando Montenegro, VP at The Futurum Group, analyzes Everpure Accelerate 2026: the rebrand from Pure Storage, the data-primacy thesis, Data Intelligence and Data Stream, a growing security story, and what...
Fernando Montenegro
HPE Discover 2026: A Coherent AI Story That Now Has to Convert
June 24, 2026
 

HPE Discover 2026: A Coherent AI Story That Now Has to Convert

Fernando Montenegro and Tom Hollingsworth analyze HPE Discover 2026, where HPE built a networking-centered, full-stack AI story and now must convert that breadth into spending momentum and a security story...
Fernando Montenegro
Tom Hollingsworth
 & 
Zscaler Bets on Agentic AI Security at Zenith Live 2026
June 12, 2026
 

Zscaler Bets on Agentic AI Security at Zenith Live 2026

Fernando Montenegro, VP at Futurum, analyzes Zscaler's Zenith Live 2026 platform announcements spanning agentic AI security and Zero Trust SASE, in a market where every major vendor is converging on...
Fernando Montenegro
All Content by this Analyst

Welcome to The Futurum Group

Login to The Futurum Group
Login to Futurum Intelligence Platform
Login to Futurum Labs Research Library

Book a Demo

Newsletter Sign-up Form

Get important insights straight to your inbox, receive first looks at eBooks, exclusive event invitations, custom content, and more. We promise not to spam you or sell your name to anyone. You can always unsubscribe at any time.

All fields are required






Thank you, we received your request, a member of our team will be in contact with you.