Join our daily and weekly newsletters for the latest updates and exclusive content on industry-leading AI coverage. Learn More
While over 20 vendors announced agentic AI-based security agents, apps and platforms atย RSAC 2025, the most insightful news from the conference is a rare, encouraging trend for security leaders. For the first time in three years, overall cybersecurity effectiveness has improved.
Scale Venture Partners (SVP) recently released the 2025 Cybersecurity Perspectives Report, which shared that the average effectiveness of cybersecurity protections improved for the first time in three years, increasing to 61% efficacy this year from 48% in 2023. According to the report, โ70% of security leaders were most protected against general phishing attacks, with only 28% of firms reporting compromise.โ
SVP also found that 77% of CISOs believe protecting AI/ML models and data pipelines is a priority to improve their security posture by 2025, up from 55% last year. Notably, given the influx of new agentic AI solutions announced at RSAC, 75% of firms expressed interest in leveraging AI to automate SOC investigations using AI agents to triage large volumes of security alerts to prevent security incidents.
SVPโs rise in efficacy numbers isnโt accidental; they result from CISOs and their teams adopting automation at scale while successfully consolidating their platforms and reducing gaps attackers had walked through in the past.
โIf you donโt have complete visibility, the attackers are going to go through the cracks between products,โ ย Etay Maor, senior director of security strategy at Cato Networks, told VentureBeat during RSAC 2025. โWe designed our platform to eliminate those blind spotsโbringing security and networking together so nothing escapes our eyes.โ
Agentic AI is moving fast beyond minimum viable product to platform DNA
Maorโs perspective explains why a new definition of what a minimum viable product is needed for agentic AI in cybersecurity. RSAC 2025 revealed how mature agentic AI is becoming. Thereโs a group of vendors using agentic AI as a code-based adhesive to unify code bases and apps together, and then there are the ones who have been at this for years, and agentic AI is core to their code base and architecture.
Cybersecurity providers in this latter group, where agentic AI is core to their platform and, in many cases, continue to double-down their R&D spend on excelling at agentic AI. This includes Cato Networksโ SASE Cloud Platform, Cisco AI Defense, CrowdStrikeโs Falcon single agent architecture, Darktraceโs Cyber AI Loop, Elasticโs Elastic AI Assistant, Microsoftโs Security Copilot and Defender XDR Suite, ย Palo Alto Networksโ Cortex XSIAM, SentinelOneโs Singularity Platform and Vectra AIโs Cognito Platform.
Organizations that are relying on integrated AI-driven detection with automated containment are reducing dwell times by over 40%. Theyโre also nearly twice as likely to neutralize phishing-based intrusions before lateral movement occurs. Vendors on the show floor often relied on identity and access management scenarios to showcase how their agentic AI workflows could help trim workloads for security operations center (SOC) analysts. ย
โIdentity is going to be a critical element of AI throughout its life cycle. AI agents are going to need identities. Theyโre going to need to understand zero trust, and how do we verify them? Explicitly manage least privileged access,โ noted Microsoftโs Corporate Vice President for Security, Vasu Jakkal, during her keynote. As Jakkal succinctly put it, โAI must first start with security. Itโs critical that we evolve our security mechanisms as rapidly as we evolve AI.โ
A common theme of every agentic AI demo across the show floor was triangulating attack data, quickly gaining insights into the form of tradecraft being used and then defining a containment strategy all in real time. ย
CrowdStrike showed how agentic AI can pivot from detection to real-time action through a live investigation of a North Korean threat campaign to place remote DevOps hires in strategic technology companies in the U.S. and around the world. The live demo followed the tradecraft of the DPRKโs Famous Chollima as it impersonated a remote DevOps hire, slipped past HR checks and leveraged legitimate tools, including RMM software and VS Code, to quietly exfiltrate data. It was a sharp reminder that, while powerful, agentic AI still relies on a human in the loop to spot adaptive threats and fine-tune models before the signal gets lost in the noise.
The gen AI goal: discovering nation-state tradecraft and killing it
Itโs the attacks that no person, company, or nation sees coming that are the most devastating and challenging to contain and overcome. The thought of threats so devastating that they could easily shut down a power grid, payment, banking, or supply chain system dominates the minds of many of the brightest and most innovative technologies in cybersecurity.ย
Ciscoโs Chief Product Officer Jeetu Patel emphasized the urgency of strengthening cybersecurity with AI so that threats lurking that may be devastating once triggered can be found now and neutralized. โAI is fundamentally changing everything, and cybersecurity is at the heart of it. Weโre no longer dealing with human-scale threats; these attacks are occurring at machine scale,โ Patel said during his keynote.
Patel emphasized that AI-driven models are not deterministic: โThey wonโt give you the same answer every single time, introducing unprecedented risks.โโ
CISOs need to understand todayโs complex risks and threats
โThis isnโt another AI talk, I promise,โ CrowdStrike CEO George Kurtz joked as he opened his RSAC 2025 keynote. โI was asked to give one, and I said, โHow about we talk about something that actually matters right now, like getting CISOs a seat at the board table?โโ That punchline delivered two things at once: comic relief and a sharp pivot to the defining issue of cybersecurity leadership in 2025.
In his keynote,ย โThe CISOโs Guide to Securing a Board Seat,โ Kurtz issued a clear call to action: โCybersecurity is no longer a compliance suggestion. Itโs a governance mandate. The SEC regulations have materially changed the arc of the CISOโs career.โ Boards arenโt just evolving; theyโre being forced to reckon with cyber risk as a primary business threat.
Kurtz backed his argument with hard numbers: 72% of boards say theyโre actively seeking cybersecurity expertise, but only 29% actually have it. โThatโs not just a talent gap,โ Kurtz said. โItโs an opportunity if youโre ready to step up,โ he encouraged the audience.
His roadmap for CISOs to reach the boardroom was tactical and hands-on:
Kurtz traced the path from regulatory reform to boardroom impact by revisiting how Sarbanes-Oxley in 2002 transformed CFOs into solid boardroom contributors. He argued that the SECโs 2024 breach reporting mandate does the same for CISOs. โThreats drive regulation, and regulation drives board composition,โ he said. โThis is our moment.โ
His advice wasnโt abstract. He urged CISOs to study proxy statements, identify committee-level needs and network strategically with board members who are โalways looking to fill roles.โ He pointed to CrowdStrike CISO Adam Zoller, now on the board of AdventHealth, as a model. Zoller, Kurtz says, is someone who earned his seat by staying in the room, learning how the board operated and being seen as more than a security expert.
Kurtz closed with a challenge: โI hope to come back in ten years, still with red hair, and see CISOs on 50% of boards, just like CFOs. The boardroomโs not waiting for permission. The only question is: will it be you?โ
โAI isnโt magicโItโs mathโ
Diana Kelley, CTO of Protect AI, drew one of the most significant early crowds at RSAC 2025 with a blunt message: โAI isnโt magicโitโs math. And just as we secure software, we must rigorously secure the AI lifecycle.โ Her keynote provided a sound background that sliced through gen AI hype, spotlighting the real risks to AI models that every organization needs to defend against before beginning any work on their models. Kelly provided in-depth insights into model poisoning, prompt injections and hallucinations, calling for a full-stack approach to AI security.
She introduced the OWASP Top 10 for gen AI, emphasizing the need to secure AI from day zero, partner with CISOs early, threat-model aggressively and treat prompts, outputs and agent chains as privileged attack surfaces.
Palo Alto Networks announced its intent to acquire Protect AIย the same day as Kelleyโs presentation, another factor driving so many conversations about her keynote. ย ย
RSAC 2025 shows why itโs time for agentic AI to deliver results
RSAC 2025 made one thing clear: AI agents are entering security workflows, but boards want proof they work. For CISOs under pressure to justify spending and reduce risk, the focus is shifting from innovation hype to operational impact. The real wins, including 40% lower dwell time and phishing resilience reaching 70%, came from platform consolidation and automating alert triage, which are all proven technologies and techniques. Agentic AIโs moment of truth is here, especially for vendors just entering the market. ย
