Join our daily and weekly newspapers for exclusive content on the latest updates and industry-composure AI coverage. learn more
While more than 20 vendors announced agents AI-based security agents, apps and platforms RSAC 2025The most practical news from the conference is a rare, encouraging trend for security leaders. For the first time in three years, overall cyber security effectiveness has improved.
Scale venture partner (SVP) recently released 2025 Cyber Safety perspective Report, Which shared that the average effectiveness of cyber security safety improved for the first time in three years, this year 2023 increased from 48% to 61% efficacy. According to the report, “70% of security leaders were the most preserved against general fishing attacks, in which only 28% of firms were reported.”
The SVP also found that 77% CISO believes that protecting AI/mL models and data pipelines is a priority to improve its security currency from 55% to 2025 last year. In particular, given the arrival of new agents AI solutions declared in RSAC, 75% of firms expressed interest in taking advantage of AI to automatically to automatically automatically using AI agents to try large versions of safety alerts to prevent safety events.
The increase of SVP in the efficacy number is not casual; They successfully consolidate their platforms as a result of CISOS and their teams, adopting automation and reducing the gaps, the attackers went into the past.
Senior Director of Safety Strategy at Cato Networks, “The attackers are going to undergo a crack between products,” if you attacked the attackers said, “RSAC told venturebeat during 2025.”
Agent AI platform is moving faster than the minimum feasible product for DNA
The perspective of MAOR explains why agentic AI in cyber security requires a new definition of a minimum viable product. RSAC 2025 revealed how mature agent AI is being formed. Code is a group of vendors using AI as a code-based adhesive to unite the base and apps simultaneously, and then there are people who have been on it over the years, and the agent AI is the core for their code base and architecture.
The subsequent group in this subsequent group, where the agent AI is the core for its platform and, in many cases, continues to double-down their R&D expenses on the outstanding performance in Agentic AI. It also includes Sase Cloud Platform of Cato Networks, Cisco ai defenseCrowdastric’s Falcon Single Agent Architecture, Darktras Cyber AI Loop, Elastic elastic ai assistant, Microsoft’s Safety Copilot and Defender XDR suite, Palo Alto Netws’ Cortex XSIAM, Sentinelon’s eccentricity stage And Cognito platform of vectra aI,
Organizations which are relying on integrated AI-operated identity with automated control 40%there are also About twice the possibility To neutralize fishing-based infiltration before the lateral movement. Sellers on the show floor are often relied on identifying and access management scenarios how their agents AI Workflows Safety Operations Center (SOC) can help trim workloads for analysts.
Microsoft’s Corporate Vice President, Vasu Jakkal said during his Keenot, “Identification is going to be an important element of AI in your life cycle. AI agents require identity. They need to understand the zero trust, and how we verify them? Clearly manage the rituals of Microsut,” the corporates of the Microsut are clear Vice President, Vasu Jakkal said. As Zakkal clearly stated, “AI must first start with security. It is important that we develop our safety mechanism faster because we develop AI.”
A common theme of each agent AI Demo on the show floor was triangular to the data of the triangular attack, quickly acquiring insight as a tradecraft being used as a tradecraft and then defines a control strategy in real time.
Crowdastrik showed how agent AI can pivit out to detect real -time action through a live investigation of the North Korean threat campaign to rent distance Devaps in the US and worldwide strategic technology companies. Live demo follows tradecraft DPRK’s famous Cholima Since it rented a remote devops, the previous HR check and leveraged valid tools slipped, including RMM software and VS code, to exfiltrate the data quietly. It was a sharp reminder, while powerful, agentic AI still depends on a human in the loop so that the adaptive threats and the fine-tune model to spot the signal noise to spot the noise.
General AI target: discovery and killing nation-state tradecraft
There are attacks that no person, company, or nation sees that it is the most destructive and challenging. The dangers are so devastating that they can easily shut down a power grid, payment, banking, or supply chain system, the most bright in cyber security and dominating many brains of most new technologies.
Cisco’s Chief Excise Officer Jeetu Patel emphasized the urgency of strengthening cyber security with AI, so that once trigger can become disastrous and the dancing danger can be overcome. Patel said during his keynote speaker, “AI is fundamentally changing everything, and cyber security is in its heart. We are no longer dealing with dangers on human-fame; these attacks are happening on machine scale.”
Patel insisted that the AI-operated models are not determinants: “They will not give you the same answer every time, introduce unprecedented risks.”
Sisos needs to understand today’s complex risks and dangers
“This is not another AI thing, I promise,” said CEO of Crowdastrik, George Kurtaz jokingly said that he opened his RSAC 2025 kenot. “I was asked to give one, and I said,” How do we talk about something that really matters, as Sisos is getting a seat on the board table? “
In his keynote speaker, “CISO’s guide to get a board seat,” Kurtaz released a clear call To workIon: “Cyber security is no longer a compliance suggestion. It is a governance mandate. SEC rules have changed the CISO’s archer arch.” Boards are not only developing; They are being forced to reconsider again with cyber risk as primary trading threat.
Kurtaz supported his argument with hard numbers: 72% boards say they are actively looking for cyber security expertise, but only 29% is actually it is really it is, “This is not just a talent difference,” said Kurtaz. “This is an opportunity if you are ready to move,” he encouraged the audience.
His roadmap was on strategic and hands to reach the boardroom for Sisos:
- Level your business flow. “Understand where the business value is created. If you cannot speak margin, arrest or legal risk, you will not last long in the table.”
- Speak the language of the board. “Each boardroom runs on three priorities: time, money and legal risk. If you cannot translate cyber, you will stay on the edge.”
- Build your brand outside the safety bubbles. “The members of the board are on many boards. The way through the trust and reputation, not only technical excellence.”
In 2002, Kurtz detected Sarbanes-Oxley to solid boardroom contributors and disclosed Sarbanas-oxley from regulatory improvement to boardroom effect. He argued that SEC’s 2024 breech reporting mandate also does the same for Sisos. “Threatening drive regulation, and regulation drive board structure,” he said. “This is our moment.”
His advice was not abstract. He urged the CISO to study the proxy statement, identify committee-level needs, and to identify the network strategically with board members, who are always looking to “fill the roles.” He pointed to Crowdastric Siso Adam Zolar, now on the Board of Edivelth as a model. Zolar, Kurtaz says, is the one who has earned his seat by staying in the room, learning how the board operates and is seen as more than a safety specialist.
Kurtaz closed with a challenge: “I hope to come back in ten years, yet with red hair, and see CISOS on 50% boards, such as CFOS. The board room is not waiting for permission. The only question is: Will you be?”
“AI is not magic – this is mathematics”
Diana Kelly, CTO Protect AIRSAC with a blunt message attracted one of the most important early crowds in 2025: “AI is not magic – this is mathematics. And as soon as we secure the software, we should strictly secure the AI life cycle.” Her keynote speaker provided a sound background, which sliced through General AI Hype, spots the real risks for the AI model that every organization needs to defend before starting any work on its model. Kelly provided intensive insight into model poisoning, quick injections and hallucinations, calling for a full-stack approach for AI safety.
He introduced the OWASP Top 10 for General AI, emphasizing the need to secure AI from zero, partner with Sisos, with danger aggressively and in the form of privileged attack surfaces, treated the output and agent chain.
Palo Alto Network announced Intention to protect AI The same day as the presentation of Kelly, driving another factor A lot of conversation about his keynote speaker.
RSAC 2025 shows why the agent is the time to give results for AI
RSAC 2025 clarified one thing: AI agents are entering the security workflow, but the boards want evidence that they work. For CISOS under pressure to justify expenses and reduce the risk, focus -focused innovation is shifting into operational effects from propagation. The actual victory, which reaches 40% shorter time and fishing flexibility to 70%, came from platform consolidation and automatic alert triaies, which are all proven technologies and techniques. Agentic AI’s moment of truth is here, especially for vendors to enter the market only.
