RSAC 2025 Recap: Cloud Security Posture Management (CSPM) 

Benny Porat, Co-Founder & CEO, Twine Security, pitches at the RSAC™ 2025 Conference Innovation Sandbox.
During RSAC 2025, our team dove into Cloud Security Posture Management (CSPM).

What You Missed on the Expo Floor 

Top Highlights from CSPM at RSAC 2025: 

  • Wiz unveiled “toxic combination” risk detection across multicloud 
  • Drata, Axonius, and Wiz showed off AI-powered compliance auto-mapping 
  • Blackpoint unveiled CompassOne, a unified CSPM platform 

At RSA Conference 2025, Cloud Security Posture Management (CSPM) stood out as one of the fastest-evolving categories in cloud defense. Our team attended expert panels like “Rethinking Security Posture Management in the Era of AI” and demos from industry leaders including Palo Alto Networks, Wiz, and Orca Security. There was a strong consensus that CSPM is moving beyond visibility to include context, automation, and AI-assisted decisioning at scale. 

Here are some of the key themes we identified: 

CSPM Has Outgrown the Dashboard 

From packed sessions to product launches, one thing was clear: CSPM is no longer just about monitoring misconfigurations; it's becoming the brain of cloud defense.

We sat in on “Automated GRC and the Nexus of Enterprise Security Posture Management,” where panelists emphasized that visibility alone isn’t cutting it. Today’s leading CSPM tools go beyond finding risks and prioritize them with attacker logic in mind.

“You can’t fix what you can’t prioritize. CSPM needs to tell you what’s exploitable, not just what’s out of spec.” 
— Lalit Ahluwalia, CEO, DigitalXForce 

From Visibility to Context: Smart Risk Modeling 

Wiz got a lot of attention on the floor for its new “toxic combination” engine, which does more than check boxes—it identifies when permissions, network exposure, and sensitive data converge into a high-risk scenario. 

Orca Security went even further, showing real-time attack path simulations using AI to trace how lateral movement could occur across cloud workloads. One of their booth staff walked us through how a misconfigured container could lead to cross-account compromise—in under two minutes. 

Blackpoint Cyber made its RSA debut by unveiling CompassOne, a unified security posture and response platform that integrates visibility, threat detection, and remediation guidance, earning a Global InfoSec Award for innovation. 

Fortra presented its integrated cybersecurity solutions, emphasizing threat intelligence, data protection, and automation to help organizations strengthen their security posture. 

Remediation Moves Closer to Real Time 

CSPM is getting proactive. Palo Alto’s Prisma Cloud debuted customizable auto-remediation playbooks that activate based on severity and policy logic. This lets security teams set thresholds for when the platform steps in without human review. 

Lacework leaned into ease-of-use with AI-generated remediation summaries—it can now tell you in plain English what’s wrong, why it matters, and how to fix it. 

XM Cyber highlighted its continuous exposure management platform, focusing on identifying and mitigating attack paths across hybrid environments to prevent potential breaches. 

Compliance, Reimagined with AI 

Compliance isn’t going away, but it is changing. Drata and Wiz both showcased features that automatically map cloud configurations to frameworks like ISO 27001, HIPAA, and PCI, helping teams stay audit-ready without spreadsheets. 

Orca previewed compliance drift alerts—so if a once-compliant environment shifts out of bounds, the system flags it fast. 

Axonius presented its AI-powered security and IT operations platform, unveiling Anomali Agentic AI to enhance threat detection, investigation, and response capabilities.

Reco launched AI Agents, a groundbreaking solution designed to transform how organizations detect and respond to security threats across their expanding SaaS environments.

What We Heard in the Hallways 

“CSPM used to be a tool for the security team. Now our audit committee’s asking for a live dashboard.” 
— Attendee comment, “What CISOs Get Wrong” 

“AI’s making CSPM smarter—but it’s also making cloud misconfigurations more dangerous. You need posture and behavior analysis now.” 
— Michael Ratemo, Principal Security Consultant, Cyber Security Simplified LLC 

Why It Matters 

RSAC 2025 made it clear: CSPM is evolving from hygiene tool to high-impact defense layer. The vendors gaining traction are those offering: 

  • Contextual risk, not just alerts 
  • Seamless integration with Zero Trust and identity tools 
  • Built-in automation to reduce manual effort 

If your CSPM isn’t helping you make faster, smarter decisions—it may be time to move on. Check out our list of recommended CSPM providers. 

For more insights and detailed discussions from RSA Conference 2025, explore the full agenda and session recordings available on the RSA Conference website.
