Join our daily and weekly newsletters for the latest updates and exclusive content on industry-leading AI coverage. Learn More
While over 20 vendors announced agentic AI-based security agents, apps and platforms atΒ RSAC 2025, the most insightful news from the conference is a rare, encouraging trend for security leaders. For the first time in three years, overall cybersecurity effectiveness has improved.
Scale Venture Partners (SVP) recently released the 2025 Cybersecurity Perspectives Report, which shared that the average effectiveness of cybersecurity protections improved for the first time in three years, increasing to 61% efficacy this year from 48% in 2023. According to the report, β70% of security leaders were most protected against general phishing attacks, with only 28% of firms reporting compromise.β
SVP also found that 77% of CISOs believe protecting AI/ML models and data pipelines is a priority to improve their security posture by 2025, up from 55% last year. Notably, given the influx of new agentic AI solutions announced at RSAC, 75% of firms expressed interest in leveraging AI to automate SOC investigations using AI agents to triage large volumes of security alerts to prevent security incidents.
SVPβs rise in efficacy numbers isnβt accidental; they result from CISOs and their teams adopting automation at scale while successfully consolidating their platforms and reducing gaps attackers had walked through in the past.
βIf you donβt have complete visibility, the attackers are going to go through the cracks between products,β Β Etay Maor, senior director of security strategy at Cato Networks, told VentureBeat during RSAC 2025. βWe designed our platform to eliminate those blind spotsβbringing security and networking together so nothing escapes our eyes.β
Agentic AI is moving fast beyond minimum viable product to platform DNA
Maorβs perspective explains why a new definition of what a minimum viable product is needed for agentic AI in cybersecurity. RSAC 2025 revealed how mature agentic AI is becoming. Thereβs a group of vendors using agentic AI as a code-based adhesive to unify code bases and apps together, and then there are the ones who have been at this for years, and agentic AI is core to their code base and architecture.
Cybersecurity providers in this latter group, where agentic AI is core to their platform and, in many cases, continue to double-down their R&D spend on excelling at agentic AI. This includes Cato Networksβ SASE Cloud Platform, Cisco AI Defense, CrowdStrikeβs Falcon single agent architecture, Darktraceβs Cyber AI Loop, Elasticβs Elastic AI Assistant, Microsoftβs Security Copilot and Defender XDR Suite, Β Palo Alto Networksβ Cortex XSIAM, SentinelOneβs Singularity Platform and Vectra AIβs Cognito Platform.
Organizations that are relying on integrated AI-driven detection with automated containment are reducing dwell times by over 40%. Theyβre also nearly twice as likely to neutralize phishing-based intrusions before lateral movement occurs. Vendors on the show floor often relied on identity and access management scenarios to showcase how their agentic AI workflows could help trim workloads for security operations center (SOC) analysts. Β
βIdentity is going to be a critical element of AI throughout its life cycle. AI agents are going to need identities. Theyβre going to need to understand zero trust, and how do we verify them? Explicitly manage least privileged access,β noted Microsoftβs Corporate Vice President for Security, Vasu Jakkal, during her keynote. As Jakkal succinctly put it, βAI must first start with security. Itβs critical that we evolve our security mechanisms as rapidly as we evolve AI.β
A common theme of every agentic AI demo across the show floor was triangulating attack data, quickly gaining insights into the form of tradecraft being used and then defining a containment strategy all in real time. Β
CrowdStrike showed how agentic AI can pivot from detection to real-time action through a live investigation of a North Korean threat campaign to place remote DevOps hires in strategic technology companies in the U.S. and around the world. The live demo followed the tradecraft of the DPRKβs Famous Chollima as it impersonated a remote DevOps hire, slipped past HR checks and leveraged legitimate tools, including RMM software and VS Code, to quietly exfiltrate data. It was a sharp reminder that, while powerful, agentic AI still relies on a human in the loop to spot adaptive threats and fine-tune models before the signal gets lost in the noise.
The gen AI goal: discovering nation-state tradecraft and killing it
Itβs the attacks that no person, company, or nation sees coming that are the most devastating and challenging to contain and overcome. The thought of threats so devastating that they could easily shut down a power grid, payment, banking, or supply chain system dominates the minds of many of the brightest and most innovative technologies in cybersecurity.Β
Ciscoβs Chief Product Officer Jeetu Patel emphasized the urgency of strengthening cybersecurity with AI so that threats lurking that may be devastating once triggered can be found now and neutralized. βAI is fundamentally changing everything, and cybersecurity is at the heart of it. Weβre no longer dealing with human-scale threats; these attacks are occurring at machine scale,β Patel said during his keynote.
Patel emphasized that AI-driven models are not deterministic: βThey wonβt give you the same answer every single time, introducing unprecedented risks.ββ
CISOs need to understand todayβs complex risks and threats
βThis isnβt another AI talk, I promise,β CrowdStrike CEO George Kurtz joked as he opened his RSAC 2025 keynote. βI was asked to give one, and I said, βHow about we talk about something that actually matters right now, like getting CISOs a seat at the board table?ββ That punchline delivered two things at once: comic relief and a sharp pivot to the defining issue of cybersecurity leadership in 2025.
In his keynote,Β βThe CISOβs Guide to Securing a Board Seat,β Kurtz issued a clear call to action: βCybersecurity is no longer a compliance suggestion. Itβs a governance mandate. The SEC regulations have materially changed the arc of the CISOβs career.β Boards arenβt just evolving; theyβre being forced to reckon with cyber risk as a primary business threat.
Kurtz backed his argument with hard numbers: 72% of boards say theyβre actively seeking cybersecurity expertise, but only 29% actually have it. βThatβs not just a talent gap,β Kurtz said. βItβs an opportunity if youβre ready to step up,β he encouraged the audience.
His roadmap for CISOs to reach the boardroom was tactical and hands-on:
Kurtz traced the path from regulatory reform to boardroom impact by revisiting how Sarbanes-Oxley in 2002 transformed CFOs into solid boardroom contributors. He argued that the SECβs 2024 breach reporting mandate does the same for CISOs. βThreats drive regulation, and regulation drives board composition,β he said. βThis is our moment.β
His advice wasnβt abstract. He urged CISOs to study proxy statements, identify committee-level needs and network strategically with board members who are βalways looking to fill roles.β He pointed to CrowdStrike CISO Adam Zoller, now on the board of AdventHealth, as a model. Zoller, Kurtz says, is someone who earned his seat by staying in the room, learning how the board operated and being seen as more than a security expert.
Kurtz closed with a challenge: βI hope to come back in ten years, still with red hair, and see CISOs on 50% of boards, just like CFOs. The boardroomβs not waiting for permission. The only question is: will it be you?β
βAI isnβt magicβItβs mathβ
Diana Kelley, CTO of Protect AI, drew one of the most significant early crowds at RSAC 2025 with a blunt message: βAI isnβt magicβitβs math. And just as we secure software, we must rigorously secure the AI lifecycle.β Her keynote provided a sound background that sliced through gen AI hype, spotlighting the real risks to AI models that every organization needs to defend against before beginning any work on their models. Kelly provided in-depth insights into model poisoning, prompt injections and hallucinations, calling for a full-stack approach to AI security.
She introduced the OWASP Top 10 for gen AI, emphasizing the need to secure AI from day zero, partner with CISOs early, threat-model aggressively and treat prompts, outputs and agent chains as privileged attack surfaces.
Palo Alto Networks announced its intent to acquire Protect AIΒ the same day as Kelleyβs presentation, another factor driving so many conversations about her keynote. Β Β
RSAC 2025 shows why itβs time for agentic AI to deliver results
RSAC 2025 made one thing clear: AI agents are entering security workflows, but boards want proof they work. For CISOs under pressure to justify spending and reduce risk, the focus is shifting from innovation hype to operational impact. The real wins, including 40% lower dwell time and phishing resilience reaching 70%, came from platform consolidation and automating alert triage, which are all proven technologies and techniques. Agentic AIβs moment of truth is here, especially for vendors just entering the market. Β
