EXCLUSIVE: Option3 Targets a Summer Launch for its Native 2020 Platform, an Agentic CISO Built on Autonomous Decision-Making

Purpose-built security model proactively hunts for breaches, combining autonomous responses with human oversight when required. It reflects Option3’s Zero Trust heritage through identity-based access decisions that adapt to evolving contexts across networks and endpoints.

Cybersecurity investment specialist Option3 is preparing to bring its next-generation platform to market, targeting a summer launch for what it now calls Native 2020. The platform is designed to provide organizations without a dedicated Chief Information Security Officer (CISO) with what the company describes as an “Agentic CISO,” capable of making real-time security decisions while deferring to human oversight when required.

The Native 2020 concept pairs an autonomous decision engine with fractional CISO services, also offered through the platform, aimed at meeting the needs of mid-market organizations that typically lack in-house security leadership and resources.

Unlike many emerging agentic AI cybersecurity providers — often built on large, generic, resource-intensive language models — Option3 is working with an AI partner whose technology has security in its DNA and takes a focused, domain-specific approach. According to sources, the model is among a limited number purpose-built specifically for cybersecurity decisioning, enabling more consistent outcomes and more efficient performance. Its design also allows for more frequent updates as threat patterns evolve.

This approach contrasts with some newer AI-driven security offerings that rely on general-purpose models, which can be harder to control, audit, and adapt in rapidly changing threat environments — and in some cases may introduce new vulnerabilities in the protection of AI agents themselves.

Developed largely in stealth, Native 2020 is built on a Zero Trust model of cybersecurity, moving beyond traditional perimeter-based defenses toward identity-centric approaches. It extends Zero Trust beyond static rules into a dynamic decision engine, where each access request is evaluated using identity and contextual signals drawn from across networks, endpoints, applications, AI agents, and data systems.

“It’s Zero Trust, but taken to its logical conclusion,” one person familiar with the platform said. “Every access becomes a decision, not just a policy check.”

Option3’s broader thesis is that cybersecurity is entering a new phase, as increasingly capable threat actors expose the limitations of traditional tools. Earlier generations focused on protecting networks, then endpoints, and later identity. But as environments become more diverse and dynamic — spanning cloud infrastructure, remote work, and autonomous AI systems — static policies are struggling to keep up.

Native 2020 extends that foundation into an autonomous model, where access is continuously evaluated based on identity and real-time context across systems — not just at login, but throughout the lifecycle of an interaction.

A source familiar with the matter tells TechEchelon that Option3 plans to bring Native 2020 out of stealth this summer, working with managed service providers (MSPs) that can deliver its autonomous security capabilities to existing customer bases. MSPs typically manage IT and security for large numbers of small and mid-sized businesses, providing a potential pathway for rapid deployment at scale.

The platform is also being developed in collaboration with the insurance sector, with the aim of offering cyber insurance policies linked to its service. Continuously evaluated access decisions could provide a more accurate and dynamic view of risk — something insurers have historically struggled to quantify.

Whether Option3 can establish its “Agentic CISO” capabilities as a new category — or whether similar approaches are absorbed into existing platforms from larger vendors — remains to be seen. But if the model proves effective, it could point toward a future where cybersecurity systems don’t just enforce rules — they make decisions.