What You Missed on the Expo Floor
Key Moves in Agentic AI at Black Hat USA 2025:
- Reco.ai highlighted its focus on shadow AI and how SaaS apps are vulnerable to data exposure.
- 7AI positioned itself as a leader in agentic security, unveiling a suite of innovations that enable end-to-end autonomous security operations.
- AirMDR unveiled an AI SOC platform automating 90% of Tier-1 alert triage.
- Descope introduced agentic identity governance for AI agents and MCP environments.
Agentic AI was the undisputed centerpiece of Black Hat USA 2025. From packed keynotes to standing-room-only panels, the conversation shifted from theoretical promise to operational reality. Vendors, researchers, and practitioners alike focused on how autonomous agents are reshaping detection, response, and governance across the cybersecurity stack.
Our team was on the ground throughout the event, attending keynotes, participating in panel discussions, and engaging directly with solution providers and CISOs. The energy surrounding agentic AI was bolstered by real-world deployments, new product launches, and candid conversations about risk, control, and scale.
Here are some key themes from the show that stood out:
From Concept to Capability: Agentic AI Goes Operational
The shift from AI as a tool to AI as a teammate was a recurring theme. Cisco’s announcement of its Foundation AI model, an 8-billion parameter LLM purpose-built for cybersecurity, marked a major milestone. Unlike generalist models, Cisco’s agentic AI is trained on security-native data (network telemetry, endpoint signals, and threat intel) and is designed to act autonomously within enterprise environments. The company also open-sourced the model and weights, signaling a commitment to transparency and community collaboration.
SOCRadar launched its Agentic Threat Intelligence platform, featuring specialized agents that autonomously respond to phishing, credential leaks, and IP exposure. These agents can be mixed, matched, and customized, and are now available via what SOCRadar claims is the first cybersecurity AI marketplace.
AirMDR introduced an AI SOC platform that automates over 90% of Tier-1 alert triage. Designed for MSSPs, it supports multi-tenant operations and offers one-click root cause analysis and autonomous response. The platform also includes a “free forever” tier for smaller teams.
Governance and Guardrails: Managing AI Agents
As agentic AI systems gain access to sensitive environments, governance becomes critical. Descope addressed this head-on with its agentic identity control plane, enabling policy-based governance, auditing, and access restrictions for AI agents. The platform helps security teams spot rogue agents and misconfigurations, and links agent behavior to human users for accountability.
Cyera introduced AI Guardian, which includes AI-SPM (security posture management) and AI Runtime Protection. It inventories AI assets, monitors risks in real time, and features Omni AI: a conversational tool that analyzes millions of enterprise records and generates actionable security reports.
Tenable added AI Exposure to its Tenable One platform, helping teams identify and control risks from generative AI tools like ChatGPT Enterprise and Microsoft Copilot. It enforces guardrails and prioritizes risks based on enterprise policy.
Agentic AI in the SOC: Speed, Scale, and Simplicity
Security operations centers (SOCs) are rapidly evolving with agentic AI. CrowdStrike’s Falcon Shield now integrates with OpenAI’s ChatGPT Enterprise Compliance API, mapping agents to their human creators and automating threat containment via Falcon Fusion. It supports over 175 SaaS apps and enables governance of GPT-based agents.
AppOmni rolled out new packages for SaaS and AI app control, including discovery of shadow AI, permissions, and suspicious activity. Its enterprise tier supports 30+ AI and SaaS apps, including Cisco Umbrella, Claude, and ChatGPT Enterprise.
Cyware’s MCP Server integrates LLMs into workflows for real-time context and control. Its Quarterback AI agent surfaces IOCs, malware, and vulnerabilities, and offers threat intelligence-backed recommendations.
What We Heard in the Hallways
“With 7AI’s agents, we’re shifting from a world where analysts do the work to one where they direct it.”
—Lior Div, CEO, 7AI
“Agentic AI is no longer treated as a trend. It’s becoming a core part of how security teams operate.”
—Jon France, CISO, ISC2
Why It Matters
Agentic AI is redefining cybersecurity operations. The ability for AI agents to act, decide, and respond in real time is changing how teams think about scale, risk, and strategy. But with that power comes complexity. Governance, visibility, and trust are now front-line concerns.
For BDMs and TDMs, the biggest takeaway was Agentic AI is here. Now the challenge is how to adopt it responsibly, securely, and effectively.
From tools to teammates—AI is entering its agentic era. Check out our vetted list of Agentic AI solution providers.
