Hundreds of vendors descended on San Francisco this week for RSA Conference 2025, and the big takeaway is how AI agents and identity‑centric platforms are becoming the default front line of defense. We came away with a clear sense that security is shifting from point tools to autonomous, integrated systems.

I noticed several vendors launch autonomous AI assistants aimed at cutting through alert fatigue and turning data into action:

• Abnormal AI introduced AI Phishing Coach for personalized, phishing‑awareness training and AI Data Analyst to digest complex telemetry into simple insights.
• Arctic Wolf’s Cipher, powered by Anthropic LLMs, delivers real‑time, expert‑informed analysis across endpoints, networks, cloud, and identity.
• ArmorCode’s Anya acts as a virtual security champion, correlating data from 285+ integrations to surface the highest‑priority risks.

Identity security got a major boost with platforms that unify human and non‑human risks:

• Anetac added behavioral anomaly detection, compromised‑credential discovery, dormant‑account scans, and access‑chain mapping to its Identity Vulnerability Management.
• BeyondTrust now offers a free identity security risk service that reveals hidden “Paths to Privilege” using AI‑driven detection.
• RSA and Saviynt each expanded their Identity Security Posture Management suites to address hybrid and cloud workloads.

Agentic AppSec and software‑visibility tools moved from theory to practice:

• Apiiro’s Software Graph Visualization provides a live, AI‑powered map of application architecture, vulnerabilities, and risk—no more static reports.
• Wallarm unveiled Agentic AI Protection, locking down API agents against prompt injection, jailbreaks, and logic‑abuse attacks.
• Tuskira’s autonomous AI Analyst Workforce simulates real‑world attacks and actively remediates across SIEM, EDR, identity, and firewall layers.

SaaS and cloud security continued to converge:

• AppOmni’s Model Context Protocol server aggregates signals from multiple tools for coordinated SaaS risk decisions.
• Cisco expanded XDR, deepened its ServiceNow partnership, added AI supply‑chain risk management, and launched Foundation AI, an open‑source reasoning model for security applications.
• Forcepoint Data Security Cloud now unifies DSPM, DDR, DLP, SaaS, web, and email protection under one AI‑powered umbrella.

Threat intelligence, hunting, and red‑team services also got refreshed:

• BrandShield Resolve combined AI detection with 24/7 SOC support to hunt phishing, impersonation, and dark‑web threats.
• Bugcrowd RTaaS let organizations dial up crowdsourced red‑team engagements on demand.
• Censys rolled out a threat‑hunting module that embeds adversary infrastructure tracking directly into SecOps workflows.

Beyond product launches, OpenSSF and LF Education debuted a free EU Cyber Resilience Act course, while Forescout’s Vedere Labs revealed 780 state‑aligned hacktivist attacks in 2024, with critical infrastructure, transportation, and finance in their crosshairs.

From training agents to real‑time posture management, RSA 2025 made it clear: security is moving toward autonomous, identity‑driven platforms that speak to each other—no more siloed tools, but coordinated defense at machine speed.