How AI and the browser will change end-user IT in 2026

Agentic AI

Agentic AI needs no introduction, as it's already the hottest topic around. However, on the end-user side, agentic means something different from the bigger-picture autonomous, AI-native agents redefining back-end business processes and reshaping the nature of business. This area is interesting, but it's also rife with challenges that need to be solved before the technology is in use everywhere.

In the end-user world, agentic AI is far more practical, and it's here right now.

In the hands of end users, agentic AI can take a few different forms. There are computer control agents from all the frontier models. There are AI browsers that can interact directly with websites and web apps on a user's behalf. AI assistants can run scheduled tasks and autonomously make decisions based on user input. And, frankly, AI-based vibe coding means we can create any agent we want using one of these tools.

So, if you hear agentic AI and think, "That's not an end-user thing," think again. In fact, we're finally starting to see this play out among key desktop and app virtualization vendors.

Consider the challenges that "big-picture" agentic AI poses around identity, security, visibility, etc. We've solved all of those for end-user environments. We can deploy virtual desktops to agentic AI users, knowing that the desktop environment and network are locked down, user privileges are appropriately configured and they have only the apps they need to accomplish their tasks. We can stand up VMs and shut them down at will, and they can run 24/7 using all the existing tools and processes our end users currently work with. And crucially (to borrow an AI word), we get full observability into what the agent is doing because we can literally watch the interactions.

I have no doubt this will take off in 2026. Microsoft has already released a public preview of Windows 365 for Agents, and it is likely that other desktop and app virtualization vendors will do the same. There will be a learning curve, but learning the benefits, challenges and best practices for implementation will be a key area to watch in the coming months. I think it will drive many conversations, particularly at the RSAC Conference and Black Hat in 2026, around how endpoint detection and response (EDR) platforms, patch and vulnerability management platforms and the burgeoning prompt security space will react.

Prompt security

On that note, prompt security has been growing larger on my radar, and it will also undoubtedly be a huge topic at RSAC in 2026. It's certainly applicable in the agentic context, where it adds oversight and governance over users' prompts, but it can also be employed more broadly, in both end-user and big-picture agentic contexts.

Within the larger agentic frame of reference, prompt security will add oversight to inter-agent or agent-to-model communications. This is something SentinelOne was clearly thinking about when it acquired the company Prompt Security at Black Hat this past year. Security at this layer can help prevent threats such as prompt injection attacks, sensitive data leakage and unauthorized workflow triggers.

In the end-user area, prompt security comes up in both EDR and browser security contexts. In particular, browser security companies tout their ability to see and intercept the entry of personally identifiable information or confidential data into AI assistants as a form of data loss prevention. While this might be a simple regex-based detection model, it can still be helpful in end-user AI tool adoption. It can also reduce risk from unsanctioned AI use, also known as shadow AI.

Shadow AI

In my role, I conduct a lot of research, and my favorite research project over the past few years was dubbed "AI at the Endpoint." The study served as an early look into how end users were interacting with AI tools, the devices they deployed and what the challenges and outcomes were of using AI. The aspect that I found most exciting was that I was able to poll both end users and IT on the use of shadow AI to learn about the disconnect between the two.

Some of the numbers were surprising. For example, 53% of end users reported using unsupported AI tools to do their job, and 45% of end users said they believe their coworkers are at least occasionally entering privileged, private or confidential data into unsanctioned tools.

IT respondents had a different perspective. In the IT group, 55% said they actively monitor shadow AI usage, and 53% said their enforcement of AI usage policies is strict and consistent. In contrast, this number was 36% for end users.

Perhaps most telling is the fact that just 13% of IT respondents said they trust their employees to adhere to AI policies with minimal oversight, while 30% of end users believe that IT trusts them to do so.

There's a significant disconnect that I think will likely widen as AI usage grows and its capabilities increase. While this is a scary proposition for many organizations, the data shows that when given the right tools, end users stop using shadow AI. I've written about how draconian "block everything" AI policies can cause more harm than good, and I look forward to researching this topic further in 2026.

Productivity apps and collaboration

It's difficult to talk about AI in the hands of end users without looking at productivity apps and collaboration. This space was once easy to carve up into different buckets -- office suites, creative suites and unified communications platforms -- but the last few years have seen an incredible amount of overlap and consolidation. This was already happening in the pre-AI era (think of the Office-like integrations in Teams, or Zoom's email and note-taking features), but AI has whipped it into a frenzy.

Sure, Microsoft Office is still dominant, and that dominance has given it some runway to learn how to best use Copilot. Google, meanwhile, has been incredibly successful with Gemini and its integration with Google Workspace and Google Chrome. But just when the race appeared to have the same two horses as usual, we're starting to see some new entrants to the race that don't have the same pedigree. Top of mind for me is Canva.

Already well-known to creative users and students, Canva has been adding enterprise features that threaten to upset the Microsoft/Google status quo. It's not a direct competitor at the moment, but Canva is an easy-to-use platform that seamlessly uses AI to build assets, presentations, websites and more, underpinned by a growing data set that can include business and operational data. It will be very difficult to displace existing systems, especially Excel. However, Canva makes it easy enough to interact with the data using natural language that I think the next generation of workers could want to make that their primary way of using productivity apps, not just for creative purposes.

Add to this app integrations directly into AI assistants -- like Adobe's integration into ChatGPT -- and you can see how things might be further disrupted.

Long story short, productivity and the way end users work are poised to change significantly. There won't be a wholesale shift in 2026, but it's worth keeping your eyes open. What we see today is certainly going to shape the future.

Autonomous IT

If you're in IT operations, no doubt you've already heard about autonomous IT or some derivation of that phrase, such as autonomous endpoint management or autonomous workspace. The companies that use that language on my radar include Action1, Adaptiva, HCL BigFix, NinjaOne, Omnissa and Tanium, though I'm sure I've left a few out.

What's interesting about autonomous IT is that it sits at the same place I do: the intersection of endpoint management and security. It can automate patch and vulnerability management, using AI to help progress along the deployment chain from when a vulnerability is discovered through deployment. How much AI is in use (and what is "automated" versus what is "autonomous") differs in execution and marketing between vendors. The end result is the same, though. They remove repetitive tasks that are getting harder in environments that feature more devices, OSes, apps and user locations.

While most conversations about autonomous IT today revolve around patch and vulnerability management, the vision extends to service desk, user self-service and even incident response. I tend to think of autonomous IT as a direction rather than a product. To be successful, it will need to adapt to existing tools and processes, using integrations with multiple vendors and data sets. Interest is extremely high, and my sense is that 2026 will be the year we see a jump in adoption that will show us what works and what still needs work.

Browser management and security

The shift away from Windows apps and toward browser-based applications means that browsers have long been a critical component of enterprise IT. While the browser used to be just one app among many, it now represents the primary interface that users work from, and organizations are starting to treat it that way. As the primary app that serves as the window to so many corporate apps and so much critical data, a modern browser is the target of a slew of new threats.

With ties to everything we've talked about so far -- agentic AI, prompt security, shadow AI and productivity apps -- vendors across IT and cybersecurity are trying to address browser management and security. Examples include the following:

• Standalone enterprise browser vendors, such as Island and Palo Alto Networks.
• Desktop and application virtualization vendors, such as Citrix, Dizzion, Omnissa and Parallels.
• Remote browser isolation vendors, such as Kasm and Menlo.
• OS and traditional browser vendors, such as Google and Microsoft.
• Secure browser extensions, such as Browsium and Seraphic.
• Zero-trust network access and network security vendors, such as Checkpoint, Netskope and Zscaler.

Given all this activity, it's interesting to me that browser management and security typically fall within some other area of responsibility, rather than as a standalone priority or budgetary line item. In 2026, I expect browser management and security to become a top priority within enterprise IT and security operations.

Conclusion

What started as a light and breezy look toward 2026 turned into a rather lengthy article that I hope had something for everyone. I'm fortunate to be able to cover such a wide array of topics. I find them endlessly fascinating because even though they're not the bleeding-edge, AI frontier topics that make all the headlines, they're where the rubber meets the road in IT.

Gabe Knuth is the principal analyst covering end-user computing for Omdia.

Omdia is a division of Informa TechTarget. Its analysts have business relationships with technology vendors.