The RSA Conference 2025 (RSAC) delivered cybersecurity trends, product launches, research revelations, and an emphasis on fighting the good fithr. From keynote stages to expo halls, themes like agentic AI, zero trust, and the evolving role of CISOs loomed large. We have some of the biggest news and moments from RSAC 2025, told as a journey through the week’s highlights.
Agentic AI, Zero Trust, and CISOs Step Up
AI on Autopilot: The conference showed that artificial intelligence has leapt from hype to real operational impact. In sessions across RSAC 2025, the industry moved beyond treating AI as an assistant to highlighting agentic AI, meaning autonomous systems can orchestrate security tasks independently, essentially co-pilots for human teams. Demonstrations showed silent cyber agents scanning for misconfigurations and preemptively mitigating threats without waiting for a human to react.
While the excitement was there, experts cautioned that handing decisions to AI demands robust guardrails. Security leaders stressed the need for transparency, human oversight, and human-in-the-loop design for these AI-driven systems, recognizing that machine-speed defense could become a double-edged sword without governance. It is a balance of embracing autonomy while ensuring human oversight remains a core part of the process.
Back to Basics with Zero Trust: For all the AI talk, many speakers also doubled down on cybersecurity fundamentals. A recurring theme was Zero Trust, the “never trust, always verify” approach that assumes attackers may already be inside the network. Throughout keynotes and panels, experts reminded attendees that a Zero Trust mindset remains essential to limit access and contain breaches as threats grow more sophisticated. Whether securing cloud workloads or critical infrastructure, the consensus was that organizations must continually validate users and devices, segment networks, and assume breach by default.
While not new, Zero Trust was frequently cited as the bedrock that needs to underpin flashy new solutions. In short, even as AI and automation advance, basic principles like Zero Trust architecture are more important than ever to reduce the blast radius of attacks.
CISOs in the Spotlight: Another striking narrative was the rising prominence—and pressure—on Chief Information Security Officers. CrowdStrike CEO George Kurtz devoted his keynote to elevating the CISO’s role. Kurtz’s talk, “The CISO’s Guide to Securing a Board Seat,” mixed humor with urgency. He quipped about avoiding another AI discussion in favor of “something that matters… like getting CISOs a seat in the boardroom.”
“Cybersecurity is no longer a compliance suggestion. It’s a governance mandate. The SEC regulations have materially changed the arc of the CISO’s career,” said George Kurtz. He emphasized that cyber risk has become a defining business risk for every board, highlighting the necessity for CISOs to secure seats at the boardroom table.
Over 70% of boards want cyber expertise. Still, less than 30% have a cyber expert on board, and Kurtz laid out a playbook for security leaders to become business-savvy, speak the language of risk and finance, and build credibility beyond the security silo. Within a decade, he hopes to see CISOs on half of corporate boards just like CFOs, a challenge he issued as the audience nodded.
Major Announcements in AI-Powered Products and Innovations
AI Everywhere: The expo floor was abuzz with new product launches, many infused with AI capabilities. RSAC 2025 saw a wide array of announcements from major vendors showcasing AI-driven tools for threat detection, response, and even protecting AI systems themselves. From endpoint security to cloud and email protection, companies raced to demonstrate how machine learning and large language models (LLMs) power the next generation of defenses. At the same time, a parallel trend emerged: products aimed at securing AI implementations, such as tools to prevent malicious prompts or data leaks from AI applications. Here are some of the headline product announcements that grabbed attention:
- Palo Alto Networks Cortex XSIAM 3.0: Announced on day one, Palo Alto’s latest platform update is positioned as an AI-powered alternative to the traditional SIEM. Cortex XSIAM 3.0 introduced advanced email security capable of spotting sophisticated phishing, including LLM-generated scams, and automatically removing malicious emails or deactivating compromised accounts. It also unveiled a new Cortex Exposure Management module to proactively reduce vulnerability noise by up to 99% through intelligent prioritization and automated remediation.
- SentinelOne Purple AI Athena: On Tuesday, SentinelOne took the wraps off Purple AI Athena, the next evolution of its AI-driven security assistant. According to the company, Athena incorporates agentic AI functionality that can mirror the deep security reasoning and sophisticated orchestration of advanced SOC analysts. In practical terms, Athena can autonomously run complete multi-step investigations across endpoints and identity systems, then coordinate responses, much like a seasoned analyst might. The platform also boasts seamless integrations with third-party data sources to enrich its understanding of incidents. With Athena, SentinelOne is signaling that an AI agent can shoulder a bigger share of the Security Operations Center (SOC) work, from triaging alerts to hunting down threats, in concert with human operators.
- CrowdStrike’s Charlotte AI and Others: CrowdStrike rolled out new agentless AI capabilities in its Falcon platform. The news tools, dubbed Charlotte AI Agentic Response and Workflows, leverage generative AI to answer analysts’ questions during investigations and automate complex incident response playbooks. The goal is to turbocharge SOC productivity by mapping out attacker movements or suggesting next steps without waiting for the human query. Meanwhile, data security was another hot area: startups like Cyera debuted unified data loss prevention, Omni DLP, to tackle the sprawl of sensitive data across cloud and enterprise environments. Netskope announced enhancements to its platform to enable safe use of generative AI, such as preventing sensitive data from being fed into AI model training. Akamai introduced a new Firewall for AI to shield AI-powered apps from threats.
Innovation Sandbox Winner: The conference isn’t just about big names. The startup ecosystem made waves, too. At the prestigious RSAC Innovation Sandbox contest (celebrating its 20th year), ProjectDiscovery emerged as the winner, earning “Most Innovative Startup” for 2025. ProjectDiscovery, known for its open-source security tools, impressed the judges with its approach to scalable vulnerability discovery. “Winning the Sandbox is recognition that open source is possible in security,” said Andy Cao, COO of ProjectDiscovery, highlighting how community-driven tools can hold their own in an industry dominated by commercial players
Threat Research & Disclosures: Airborne and Data Breach Trends
RSAC 2025 also served up sobering research on emerging threats and vulnerabilities. One disclosure had conference-goers buzzing and iPhone users nervously checking for updates. Oligo Security unveiled a new zero-day dubbed “Airborne.” This is a wormable, zero-click remote code execution flaw in Apple’s AirPlay file-sharing protocol. Airborne could let an attacker take over a device via AirPlay without users clicking or accepting anything. Oligo’s researchers warned that once a single device is infected, the worm could propagate to others nearby, potentially wreaking havoc across households or offices.
Released just before the show kicked off, the 2025 Verizon Data Breach Investigations Report (DBIR) provided a reality check on what’s causing breaches. Presenters highlighted several eye-opening trends from this year’s DBIR. For one, attackers are increasingly exploiting vulnerabilities faster than companies can patch, so much so that vulnerability exploitation has overtaken phishing as a top initial access method for breaches. The DBIR reported that exploiting software flaws accounted for roughly 20% of breaches, edging out phishing at 15%.
The DBIR found that many organizations leak credentials and API keys, which live out in the wild far past their expiration. Those forgotten secrets often become easy pickings for hackers, leading to breaches. The Verizon report’s insights, from the rise of vulnerability exploitation to the dangers of unchecked credentials, fueled discussions at RSAC about the need for basics like rigorous patch management, attack surface reduction, and secrets management.
Policy and Industry Tensions: Budget Cuts and Political Crosswinds
Beyond the technical talk, RSAC 2025 attendees couldn’t help but notice that the usual cadre of U.S. government cybersecurity leaders had a lower profile this year. In past conferences, officials from agencies like the Cybersecurity and Infrastructure Security Agency (CISA) often delivered keynotes or major updates, but their absence spoke volumes this time. Reports circulated that Washington’s current administration has been pulling back support and slashing budgets and staff at CISA.
Some industry veterans did speak out. At an off-site panel, former CISA Director Jen Easterly bluntly described the ongoing brain drain at CISA as a loss for the American people, coming just when threats from nation-states and ransomware gangs are surging. She and others cautioned that talent flight from the government leaves critical gaps. Speaking on the same panel, Cybersecurity author Nicole Perlroth commented that given rising threats “have to be more prepared than ever,” calling the budget cuts “disturbing on a practical level”. Their candid warnings drew nods from the audience, who understand that public-private collaboration is key in cybersecurity, and that starving the federal cyber agencies of resources could set everyone back.
One of the conference’s most notable moments came courtesy of Chris Krebs, the former CISA head. When he walked onstage for a panel discussion, the RSAC crowd gave him a rousing welcome. On a panel with other cyber luminaries, Krebs remained defiant, urging the infosec community to keep up the good fight, despite any politicization of their work. The audience’s support for Krebs and keeping cybersecurity discussions grounded in facts, not politics, was an encouraging sign of industry solidarity.
Synqly at RSAC 2025: Cybersecurity Integrations for the Future
Amid all the buzz about AI and zero trust, one company at RSAC 2025 spotlighted a less flashy but critical challenge: integration. Synqly showcased an AI-enabled security integration platform to solve the headaches of connecting diverse tools in a security stack. In an expo full of innovative solutions, Synqly offered a reminder that even the most creative tools are only as good as how well they work together.
That message was echoed just blocks away at the Piper Sandler Cybersecurity CEO summit, where Microsoft’s Charlie Bell stated, “We’re moving from best-in-breed to best in integration.” He repeated the phrase for emphasis, signaling a broader industry shift toward prioritizing connection over complexity.
Synqly’s solution is the first integration platform for security and infrastructure vendors.
“AI may be the future, but security teams cannot scale to the growing attack surface without integrations. As the stack grows and tools get smarter, the integrations between them matter more than ever,” said Joel Bauman, Co-founder and CEO of Synqly.
Bauman explained in his talk that today’s average enterprise runs more than 75 different security and IT tools and stitching those together is a monumental task that is met with increased costs, delayed roadmaps, and integration fatigue. He emphasized that the basics of connecting systems can’t be overlooked in an era of AI-driven everything.
Bauman noted that every new solution and technology on the show floor will eventually need to plug into the rest of an organization’s security systems. If those connections are brittle or siloed, it undermines the whole. As the cybersecurity industry continues forward, solving integration challenges might enable all these innovations to deliver on their promise.
