The threat landscape of email keeps changing very fast as cybercriminals are getting more and more dependent on artificial intelligence in launching highly sophisticated attacks. In fact, IRONSCALES in response to this change has unveiled their Winter 2026 Release featuring three new AI, based security agents which can very well equip the organizations in not only defending the advanced phishing threats but also fighting agentic cybercrime. Reflecting the overall trend towards more anticipatory cybersecurity methods, this new release will allow security teams to make their first point of contact with the threats and thereby be able to identify risks even before they are created as opposed to reacting only after the attack has been carried out. The new agentic architecture gives rise to three separate AI agents zwrotnies Phishing SOC Agent and Phishing Simulation Agent which collectively work towards enhancing the email security of a corporation. Given that with the help of these agents, the email security can be turned from a reactive monitoring to a proactive threat modeling and prevention, combining ECRE, THREAT INVESTIGATION, and TARGETED SIMULATION capabilities, these agents are designed to anticipate potential attack strategies and reinforce organizational defenses ahead of real, world incidents.
The company’s innovation is coming at a point in time when threats in cyberspace powered by AI are increasing their pace. According to the study that the company quoted in their press release, 88% of organizations in the last year experienced at least one security incident that led to loss of trust in digital communications, and over 80% of organizations saw an increase in the attacker activities which were targeting trusted communication channels. Also, one in five security leaders are now convinced that traditional security awareness training alone is not enough to deal with more and more sophisticated AI, powered threats. There has been a shift in the means of conducting cyber attacks as the company pointed out that phishing has now evolved to be powered by AI, generated impersonation and social engineering techniques.
“Phishing 3.0 is flawless impersonation at scale. Attackers use AI to research organizations, craft personalized lures, and bypass pattern-based detection on the first attempt. No malicious payloads, just pure social engineering,” said IRONSCALES CEO Eyal Benishti. “Legacy solutions weren’t built for this. But our new agents enable the shift from reactive to preemptive email security, allowing CISOs and their teams to stay ahead.”
Each of the new agents plays a different part in fortifying the defense of an organization. The Red Teaming Agent in particular carries out open, source intelligence (OSINT) gathering by looking at publicly available information such as social media activity, press releases, and hiring announcements to identify possible attack methods that enemies might try to exploit. Subsequently, the information obtained is leveraged to develop defensive measures that can detect vulnerabilities prior to their being targeted by attackers. On the other hand, the Phishing SOC Agent acts as a digital investigator powered by artificial intelligence that is able to carry out a thorough forensic examination of suspicious emails within a very short time frame. Instead of making security teams spend their valuable time manually going through each of the escalating issues, the agent generates a full, fledged security report which not only contains a final decision but also presents the evidence and the line of reasoning behind its conclusions.
The last pillar, Phishing Simulation Agent, is primarily intended to enhance employees’ role awareness via very personalized simulation campaigns. Based on OSINT data, it creates tailored phishing scenarios according to particular employees and types of communication. Therefore, companies are able to evaluate their preparedness as well as their potential in countering cybercrimes using legitimate methods rather than standard training forms.
Also Read: Forcepoint Introduces ARIA AI Assistant and Advanced Endpoint Intelligence
Explaining the operational benefits of this approach, IRONSCALES leadership noted that the goal is not to replace human security teams but to extend their capabilities through intelligent automation.
“Security teams are stretched thin,” said Audian Paxson, Principal Technical Strategist at IRONSCALES. “The Osterman data confirms what CISOs already know: the threat has outpaced the tooling. These agents don’t replace your team – they augment what your team can do. You get preemptive threat modeling, forensic-depth investigation on demand, and simulations calibrated to the actual attacks targeting your people. No additional headcount required.”
Alongside the deployment of AI agents at the Winter 2026 release, the email encryption feature stands out as a major evolution of the platform. This feature focuses on securing outbound communications and filling a significant security gap, which is common in many enterprise email setups. It leverages adaptive AI to interpret the context of a message and then decides whether to encrypt it based on the presence of sensitive or regulated data. If organizations choose, they can let users manually encrypt messages that they believe carry the highest risk. This is done without compromising the centralized control and oversight of security and governance teams through compliance reporting functionalities, which are always maintained. Besides that, the release makes changes in the company’s protection tech against deepfakes for Microsoft Teams that was initially launched in 2025. Now, deployment is more effortless due to the inclusion of automatic profile learning, which enables the system to understand user behavior patterns without much disruption as it does not require employees to change their workflows or manually configure settings.
“The biggest question we heard from customers about deepfake protection was, ‘how do I actually roll this out at scale?'” said Benishti. “Automatic profile learning answers that. Your employees don’t have to do anything different. The system learns as they work.”
The company also announced new additions to its leadership team as part of a broader push to accelerate product innovation. Cybersecurity and B2B SaaS veteran Steven Malone has joined as Chief Strategy Officer, while Amit Bluman, who brings more than two decades of experience across cybersecurity, analytics, and AI-driven product development, has been appointed Senior Vice President of Research and Development.
With more than 17,000 organizations worldwide relying on its platform, IRONSCALES continues to focus on combining artificial intelligence with human intelligence to detect and remediate advanced threats such as business email compromise (BEC), account takeovers, and zero-day phishing attacks. The Winter 2026 Release reflects the company’s broader strategy of enabling enterprises to stay ahead of increasingly autonomous and AI-powered cyber threats.
