In this series, Aviatrix leaders discuss our predictions for cloud security in 2026.

2025 was a year of rapid AI adoption, multicloud innovation, and security challenges. Agentic AI became an exciting reality for network tasks like automating manual processes, evaluating traffic patterns, and finding vulnerabilities. It also became a new attack vector.

In my experience at companies like Google, VMware, and Cisco Systems, I’ve seen long-promised innovations like AI arrive slower than expected, and I’ve watched massive changes like the introduction of Kubernetes and the rise of serverless push security models to their limits.

What doesn’t change is this: wherever valuable data sits, adversaries will innovate to reach it. Security architectures must evolve just as quickly.

Here are my predictions for innovations in 2026:

1. 2025 Will Be the Year of the AI Firewall(s)

As my colleague Chris McHenry pointed out, we are developing a critical need for an AI firewall – a firewall that uses AI to protect environments from AI misuse.

We are still in the wild, wild west of AI development. Innovation is outpacing governance, controls, and even basic operational guardrails. AI-driven actions are already happening inside environments faster than security teams can evaluate them.

As I’ve explained elsewhere, agentic AI runs on virtual machines (VMs), Kubernetes clusters, and serverless functions. While this design gives agentic AI the power to automate tedious processes and perform valuable network tasks, it also creates a huge security risk. AI agents can misunderstand the context or scope of their instructions and do serious damage to a network before they are discovered. They could also be hacked and used for reconnaissance, privilege escalation, lateral movement, and data exfiltration because they can slip past traditional security controls.

Security teams who want to use agentic AI will increasingly adopt AI firewalls: policy engines that use AI to scan and block workload traffic, whether ingress or egress.

My recommendation for security teams: As you investigate AI firewalls as a solution to AI security risks, don’t forget basic zero trust security principles (see prediction #2). The shiniest new feature is a waste of time, energy, and money if it doesn’t perform the basic function of preventing data theft.

2. Rising Threats Will Push a Mass Implementation of Zero Trust Protocols

There are only so many data breaches an economy can take. Ransomware, APT (advanced persistent threat) groups, and the risk of accidental data exposure threaten organizations’ reputations and compliance. As organizations adopt AI firewalls, they’ll also be forced to operationalize zero trust, at scale, not just conceptually.

Zero trust principles are an essential paradigm shift for cloud security. The Zero Trust Maturity Model 2.0 provides a roadmap for proactive, scalable security: transforming protocols around identity, devices, networks, applications and workloads, and data.

As networks grow larger, more distributed, and more complex, 2026 will turn zero trust from a vision into an operational requirement.

My recommendation for security teams: Zero trust implementation is worth the investment. Use the ZTMM 2.0 to move from traditional to optimal security. See this blog for a roadmap.

3. Expanding Use of Kubernetes and Serverless Will Lead to New Security Models

Kubernetes clusters and serverless functions like AWS Lambda, Microsoft, and Google Cloud Run have become the default execution environments for their agility and cost effectiveness.

However, the dynamic and ephemeral nature of Kubernetes and serverless makes them more difficult to secure. Kubernetes eats IP addresses; serverless functions can challenge visibility and security policy enforcement.

Organizations will accelerate adoption of Kubernetes and serverless, but the challenges of these platforms will force security teams to adopt unified, execution-layer-agnostic security models.

By 2026, the question won’t be “how do we secure Kubernetes?”; it will be “how do we secure Kubernetes, serverless, and VMs under one consistent model?”

My recommendation for security teams: Choose solutions that simplify over time, not ones that add niche controls you’ll maintain forever.

4. Security Teams Will Increasingly Push for Visibility . . . But They Need More Than That

At KubeCon this year, I was surprised by how many vendors were advertising visibility of the entire security stack. Increasingly complex and distributed environments, and risks like Shadow IT and Shadow AI, are making security leaders nervous; there are too many places for an attacker to enter, hide, and exfiltrate data.

I am a huge fan of visibility. Blind spots in a network are an open door not only for threat actors, but also for misconfigurations and inefficiencies that can take down a network (and cost a lot). But visibility is only the first step. You need actionable intelligence and insight to find the unprotected pathways in your network, vulnerable workloads, overpermissioning, and other security flaws a network can have.

In 2026, I predict that security teams will keep investing in visibility – but they’ll increasingly expect these platforms to not just surface issues, but help resolve them.

My recommendation for security teams: Look for a visibility solution that exchanges alert fatigue for clarity. Try to look at your cloud the way an attacker does and watch the pathways they might exploit.

Read 2026 predictions from Aviatrix CEO Doug Merritt, Chief of Information Security John Qian, and Head of Product Chris McHenry.

Learn more about Aviatrix Zero Trust for Workloads – a solution that operationalizes zero trust for your network.

Anirban Sengupta

CTO and SVP of Engineering, Aviatrix

Anirban is a visionary technical leader with a proven track record of innovation, execution and delivery. He has over 30 years of experience in architecting and developing new enterprise products as well as enhancing existing products with over 100 awarded patents.
