The RSA Conference 2025, held in San Francisco from April 28 to May 1, spotlighted the evolving landscape of cybersecurity, with a strong emphasis on artificial intelligence, identity security, and collaborative defense strategies.
This year’s theme (Many Voices. One Community) emphasized collaboration across diverse perspectives to tackle cybersecurity challenges. The focus was on unifying IT, security teams, and marginalized groups to address disparities like the “Security Poverty Line” and improve resource allocation. Sessions highlighted how collective efforts, such as public-private partnerships and cross-team collaboration, can strengthen defenses.
To help navigate the sea of announcements, the eSecurity Planet team has rounded up the biggest product reveals, strategic shifts, and tech insights from the show floor.
Abnormal AI rolls out autonomous security agents
Abnormal AI made waves with what it’s calling its “most ambitious product release to date” with the launch of two new autonomous AI agents designed to protect users and simplify security operations. “The most dangerous attacks don’t target firewalls—they target people, and people need better protection,” said Evan Reiser, CEO and founder of Abnormal AI.
- AI phishing coach: This tool replaces traditional, static training with real-time, personalized coaching. Instead of generic videos, users get live feedback based on real-world attack simulations.
- AI data analyst: A reporting tool that automates data aggregation and proactively delivers insights to admins, saving teams significant time and effort.
Anetac unifies identity security across humans and machines
Anetac expanded its Identity Vulnerability Management Platform with the global rollout of Human Link Pro, a tool aimed at helping organizations spot and fix identity-based vulnerabilities, whether they stem from human and non-human identities (like bots and APIs) in hybrid environments. This AI-powered solution watches behavior and access patterns to prioritize real-time risks, offering security teams better visibility into one of the fastest-growing attack surfaces in hybrid environments.
Bugcrowd introduces crowdsourced red team-as-a-service
In a move that redefines red teaming, Bugcrowd launched the industry’s first Crowdsourced Red Team as a Service. The platform connects customers to a global network of vetted ethical hackers for real-time, intelligence-led offensive testing. This shift brings the scale and flexibility of crowdsourcing to a traditionally resource-heavy area of cybersecurity.
Cisco and Splunk showcase AI-driven threat response with foundation AI
Cisco doubled down on securing the AI era, introducing a host of updates to Cisco XDR and Splunk Security, alongside a major push with Foundation AI, a suite of open-source tools aimed at democratizing AI in cybersecurity.
“The cybersecurity threat landscape has never been more dynamic and complex, with adversaries constantly emboldened and enabled by AI to drive new attacks and exploits,” said Jeetu Patel, executive vice president and chief product officer at Cisco.
Highlights included:
- New AI agents integrated into Cisco’s security products.
- Deeper partnership with ServiceNow to streamline secure AI adoption.
- The first open-source reasoning model tailored for security use cases.
RSA targets passwordless and help desk threats
RSA unveiled a new enterprise-ready passwordless platform aimed at thwarting advanced identity attacks, especially those that attempt to bypass help desks using social engineering.
“Only RSA can provide a complete passwordless solution that accounts for every user, use case, and environment,” said Jim Taylor, chief product and technology officer at RSA.
This year’s updates:
- Complete lifecycle support for passwordless security.
- Protection against deepfakes, fraud, outages, and AI-based impersonation.
- New tool (Help Desk Live Verify) to protect IT Help Desks from abuse.
Zimperium’s mobile threat report flags rising risks
Zimperium’s 2025 Global Mobile Threat Report revealed a striking trend: attackers are prioritizing mobile over desktop environments.
Key findings:
- Smishing (SMS phishing) now makes up over two-thirds of mobile phishing attacks.
- PDF-based phishing is on the rise.
- A quarter of enterprise devices are too old to patch, posing a serious risk.
- 23.5% of devices had sideloaded apps, often loaded with malicious extras.
- 23% of work apps communicated with servers in embargoed or high-risk countries.
The report emphasizes that organizations need more robust mobile threat defense strategies and better vetting of mobile apps used in the workplace.
RSA expands ISPM to strengthen hybrid identity security
RSA continued the identity theme on Day 2 with new Identity Security Posture Management (ISPM) capabilities. These updates help enterprises uncover and address identity-related risks across cloud and on-prem systems, all embedded within RSA’s Governance and Lifecycle solution.
“For identity teams overwhelmed by data, the new AI-powered dashboards from RSA provide the proactive information they need to prioritize actions and enhance their security,” Taylor said.
Cloud Security Alliance launches compliance automation revolution
In a significant move toward solving the growing complexity of global compliance, the CSA announced the launch of Compliance Automation Revolution (CAR). Built in partnership with heavyweights like Google, Oracle, Salesforce, and Deloitte Italy, CAR aims to cut through the red tape using practical automation tools that address modern security and privacy challenges.
Securonix rolls out a full suite of genAI agents for the SOC
Securonix rolled out eight GenAI agents, each designed to automate and optimize different roles inside a modern Security Operations Center.
From the policy agent, which turns natural language into deployable detection rules, to the insider intent agent, which identifies threats based on behavioral drift and psycholinguistic analysis, these agents can reduce analyst workloads by as much as 50%.
Other agents include:
- Noise cancellation agent: Cuts false positives.
- Spotter agent: Functions as an autonomous threat hunter.
- Investigate agent: Adds real-time intelligence to incidents.
- Threat intel agent: Summarizes and explains threat data in plain language.
- Data pipeline agent: Manages data flow based on context and urgency.
Forescout exposes surge in hacktivist attacks across 40 countries
Forescout’s Vedere Labs released a report detailing a major uptick in hacktivism, identifying 780 attacks in 2024 alone, most of which were claimed by the group NoName057.
Top targets included:
- Government agencies (44%)
- Transportation systems (21%)
- Financial institutions (13%)
The report also flagged instances where groups falsely claimed responsibility, signaling a shift in how cyber propaganda is used in modern conflicts.
What RSA 2025 tells us about tomorrow’s threats
This year’s RSA Conference proved that AI is both a weapon and a shield in cybersecurity.
With threats growing smarter, companies are fighting back with automation, crowdsourced hacking, and stricter identity controls. The rise of autonomous AI agents signals a shift toward self-learning security systems that can adapt in real time. However, technology alone won’t win this fight. The human element remains both the weakest link and the greatest hope.
While AI can block attacks and automate responses, security awareness, skilled analysts, and proactive threat hunting are irreplaceable.
