SandboxAQ announced a series of upgrades to its AQtive Guard AI Security Posture Management (AI‑SPM) platform on March 23, 2026, positioning the suite for broader enterprise adoption as AI agents move from experimental pilots to core workflow components. The enhancements, unveiled just weeks before RSA Conference 2026, focus on surfacing hidden AI assets, enforcing policy at the point of interaction, and extending visibility into cloud‑based models and agents.
Why the upgrade matters now
Enterprises are accelerating the integration of generative AI agents into everyday processes—customer support bots, coding assistants, and decision‑support tools are becoming routine. Newer agent frameworks such as OpenClaw demonstrate how quickly these systems can be spun up and start interfacing with internal services. However, that speed comes with a blind spot: security teams often lack a comprehensive inventory of the AI models, agents, Model Context Protocol (MCP) servers, and third‑party services operating behind the scenes.
Without a unified view, organizations struggle to enforce consistent safeguards, assess compliance with emerging regulations like the EU AI Act, or detect rogue AI deployments that could exfiltrate data or execute unintended actions. SandboxAQ’s latest release targets those gaps by expanding discovery, adding real‑time policy enforcement, and providing reporting aligned with global governance frameworks.
New capabilities in detail
- Guardrails for inbound and outbound AI traffic: The platform now intercepts every prompt sent to an AI system and every generated response, applying configurable policies that block malicious prompt injections, prevent unauthorized data leakage, and enforce usage limits. By acting at runtime, the guardrails reduce the attack surface without requiring changes to the underlying application code.
- Autonomous MCP risk analysis: A dedicated security agent evaluates the security posture of MCP servers—components that mediate communication between AI models and external data sources. The analysis flags misconfigurations, suspicious connector behavior, and potential avenues for privilege escalation, allowing teams to remediate before an exploit materializes.
- Enterprise‑grade posture reporting: AQtive Guard now aggregates compliance data into structured reports that map directly to standards such as the EU AI Act, NIST AI Risk Management Framework, and internal governance policies. The reporting module helps executives and auditors demonstrate that AI deployments are operating within approved risk parameters.
- Cloud‑wide AI asset scanning: The updated scanner crawls major cloud environments to locate AI models, containerized agents, and associated metadata. This capability uncovers “shadow AI”—instances that were provisioned without formal approval—giving security teams the visibility needed to enforce licensing, cost controls, and data residency requirements.
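To make the runtime guardrail idea from the first item concrete, here is an added example (not SandboxAQ code) of a policy layer that wraps a model call so the application code stays unchanged: it screens inbound prompts for injection phrasing, screens outbound responses for sensitive-data shapes, and enforces a per-user usage limit. The pattern lists, the `Guardrail` class and `fake_model` are constructed for this illustration.

```python
import re
from collections import defaultdict

# Constructed, deliberately small policy set; a real deployment carries far richer rules.
INJECTION_PATTERNS = [
    re.compile(r"ignore (all )?(previous|prior) instructions", re.I),
    re.compile(r"reveal (the )?system prompt", re.I),
]
LEAK_PATTERNS = [
    re.compile(r"\bAKIA[0-9A-Z]{16}\b"),  # AWS access key id shape
    re.compile(r"\b\d{3}-\d{2}-\d{4}\b"),  # US SSN shape
]

def _first_match(patterns, text):
    """Return the pattern string that matched text, or '' if none did."""
    return next((p.pattern for p in patterns if p.search(text)), "")

class Guardrail:
    """Runtime policy enforcement wrapped around a model call; the application keeps
    calling complete() and never has to know about the screening in between."""

    def __init__(self, model_fn, max_calls_per_user=3):
        self.model_fn = model_fn          # any callable: prompt text -> response text
        self.max_calls = max_calls_per_user
        self.calls = defaultdict(int)     # per-user usage counter

    def complete(self, user, prompt):
        """Return (allowed, text): text is the response if allowed, else the block reason."""
        if self.calls[user] >= self.max_calls:
            return False, "usage limit exceeded"
        if hit := _first_match(INJECTION_PATTERNS, prompt):
            return False, f"prompt injection pattern: {hit}"   # never reaches the model
        self.calls[user] += 1
        response = self.model_fn(prompt)
        if hit := _first_match(LEAK_PATTERNS, response):
            return False, f"sensitive data in response: {hit}"  # response withheld
        return True, response

def fake_model(prompt):
    """Constructed stand-in for a real model endpoint (not a SandboxAQ component)."""
    if "credentials" in prompt:
        return "Sure, the key is AKIAABCDEFGHIJKLMNOP"
    return "Here is a summary of the quarterly report."
```

Blocked prompts never reach the model and do not count toward the usage limit; a leaking response is counted but withheld from the caller.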
Leadership perspective
> “AI is becoming embedded in critical enterprise workflows and infrastructure,” said Marc Manzano, General Manager at SandboxAQ. “Without proper oversight, organizations risk data leakage, prompt injection attacks, or autonomous agents taking actions across enterprise systems without security teams realizing it. As AI adoption accelerates, companies need continuous visibility and enforceable guardrails so they can deploy AI confidently, protect sensitive data, and demonstrate to security leaders, auditors, and regulators that these systems are operating under real governance.”
Manzano’s comments underline the shift from ad‑hoc AI experimentation to regulated, production‑grade deployments. By providing both discovery and enforcement, SandboxAQ aims to close the loop that many security teams cite as missing from current AI tooling.
How the upgrades fit into the broader AI security landscape
The market for AI‑focused security solutions is still nascent, with most vendors offering either model‑level scanning or basic policy management. SandboxAQ’s combined approach—spanning prompt‑level guardrails, MCP risk assessment, and cloud inventory—places it among the few providers delivering an end‑to‑end AI‑SPM stack. Competitors that focus solely on model provenance or vulnerability scanning may struggle to address the runtime threats highlighted by the new guardrails.
Moreover, the inclusion of compliance‑ready reporting aligns the product with the increasing regulatory pressure on AI use. Enterprises that must certify adherence to the EU AI Act or similar frameworks will find the automated mapping of controls to standards a valuable time‑saver, and the same reports can feed internal governance reviews.
RSA 2026 showcase
SandboxAQ will demonstrate the refreshed AQtive Guard suite at RSA Conference 2026 in San Francisco, occupying booth S‑2027. Attendees can expect live demos of prompt‑level interception, MCP risk diagnostics, and cloud‑based AI asset discovery in action. The company has positioned the event as a platform to gather feedback from security practitioners and refine the product roadmap for the remainder of the year.
Availability and next steps
The new features are currently being rolled out to a limited set of customers, with a broader release slated for later in 2026. Interested parties can read a detailed blog post on the company’s website or schedule a private demonstration through the event page at https://aqtiveguard.com/events/rsac-2026.