Cequence Security records its best quarter in company history as enterprises across Saudi Arabia, Qatar, and the UAE race to secure AI agents before the risks outpace the rollout.

[For more news, click here]

There is a peculiar dynamic forming at the intersection of artificial intelligence and enterprise security, and it is playing out most visibly not in Silicon Valley, but in Riyadh, Doha, and Dubai. Enterprises across the Gulf are deploying AI agents into their most sensitive workflows at a pace that their security architectures were simply not designed to accommodate. For Cequence Security, the California-based company that has spent a decade building application and API protection infrastructure, this convergence has produced the strongest quarter in the company's history.

The numbers from Cequence's fourth quarter of fiscal year 2026 are not incidental. They point to something structural: a market gap that has opened up between the speed at which enterprises are deploying autonomous AI agents and the maturity of the security frameworks governing what those agents are actually permitted to do. That gap, it turns out, is where Cequence has been quietly positioning itself for years.

What the Middle East told Cequence about where the market is going

The Middle East emerged as a standout region for Cequence in Q4 FY26, with new customer wins spanning digital banking, fintech, and government verticals across Saudi Arabia, Qatar, and the UAE. In two separate competitive evaluations, Cequence displaced incumbent vendors entirely, which is a harder signal than simply winning new business. It means enterprises already committed to a security platform decided to swap it out. That kind of decision does not happen because a vendor's marketing improved.

What is driving it is the region's particular combination of ambition and exposure. The Gulf states are executing some of the most aggressive digital transformation programs anywhere on earth, with sovereign AI strategies, national fintech buildouts, and government digitization agendas that are moving on compressed timelines. That pace creates a security surface that expands faster than most organizations' ability to protect it. AI agents embedded in customer-facing banking workflows, connected to sensitive government data systems, or operating inside critical infrastructure networks represent exactly the kind of privileged, high-stakes access that threat actors look for.

Ameya Talwalkar, CEO at Cequence, frames the market moment with clarity. "Enterprises are racing to put agentic AI to work, but the security foundation to support it simply hasn't kept pace. Our customers, whether they're defending against sophisticated fraud, securing critical APIs, or safely connecting AI agents to their most sensitive applications, are all solving versions of the same problem. This quarter's results reflect what happens when you've spent a decade building toward this moment. The market is ready, and so are we."

"This quarter's results reflect what happens when you've spent a decade building toward this moment. The market is ready, and so are we."

The privilege gap that identity alone cannot fix

The specific product development driving Cequence's momentum is worth understanding, because it addresses a problem that most enterprise AI deployments have not solved. When an AI agent is given access to a system, traditional identity-based access controls can verify who the agent is. What they cannot do is enforce what the agent is permitted to do at the level of individual tool calls, the granular actions the agent takes once it is inside a system. This is the privilege gap.

Cequence's answer is Agent Personas, now generally available inside the Cequence AI Gateway. The capability gives enterprises control over agent permissions down to the tool-call level, meaning a customer service agent can be explicitly prevented from accessing billing systems it has no reason to touch, even if it theoretically has the credentials to do so. The Cequence AI Gateway now includes more than 190 verified enterprise application integrations, making it a genuinely broad deployment surface rather than a point solution.

This is not an incremental product update. It is a foundational capability for anyone trying to deploy AI agents in a regulated environment, which describes the overwhelming majority of the Middle East enterprises Cequence has been winning. Digital banks operating under central bank oversight, government agencies managing citizen data, and energy utilities running critical national infrastructure all operate in contexts where overprivileged AI agents represent not just a technical risk but a compliance liability.

A quarter that signals more than growth

Beyond the Middle East wins, Cequence closed the largest deal in its company history this quarter with a major telecommunications provider in Japan, added new customers in Brazil, South Korea, Saudi Arabia, Qatar, and the United States, and recorded significant expansion activity with existing accounts. Its partner channel produced its first entirely channel-sourced customer win in Southeast Asia, which is the kind of milestone that reflects a partner ecosystem genuinely invested in selling the platform, not merely attached to it.

The company also continued to accumulate external validation in ways that matter for enterprise procurement decisions. It was recognized as a Leader in the 2025 KuppingerCole Leadership Compass for API Security and Management, won Best API Security Solution at the 2026 SC Media Awards, and was named Co-Chair of the TM Forum's AI-Native Blueprint Initiative on Agentic Interaction Security, a role that puts Cequence at the table where the world's largest telecommunications companies are defining what agentic AI security standards should look like.

New engineering leadership arrived in the form of Chandra Rentachintala, appointed as Vice President of Engineering. His background spans Microsoft, Palo Alto Networks, Shape Security, and DiDi, covering mobile, cloud, and API security at scale. The hire signals that Cequence is investing in the platform infrastructure required to sustain enterprise growth, not simply in the commercial motion to sell it.

Why this matters beyond the Gulf

For observers watching the global AI agent security market from the United States, the Middle East dynamic is instructive. The Gulf's combination of fast-moving digital transformation, sovereign data requirements, and high-value regulated industries has turned the region into an accelerated test environment for exactly the kind of agentic AI security problems that US enterprises will face at scale within the next two to three years. Telecommunications providers securing AI agents embedded in network operations, financial institutions protecting APIs against credential abuse, and energy companies defending critical infrastructure against automated threats are not Gulf-specific problems. They are the problems that follow AI agent deployment wherever it happens.

What Cequence is demonstrating in Q4 FY26 is that a decade of foundational work on application and API security has produced a platform positioned precisely for this transition. The agentic AI era does not require enterprises to rethink security from scratch. It requires a security foundation capable of extending its protections to autonomous systems operating inside the most sensitive workflows organizations run. That foundation, it turns out, already exists. The market is now catching up to it.

Related Stories

IExclusive: AI Agents Are Proliferating While Oversight Remains Dangerously Absent

CPX Holding Rebrands as UAE Cybersecurity Moves from IT Function to National Priority

Tenable and Anthropic Think Agentic AI Can Finally Close the Gap Between Cyber Discovery and Response