Security in Motion: What We Saw, Heard, and Learned on the Ground at RSAC
If RSAC 2024 was about frameworks and futureproofing, RSAC 2025 was about execution at scale. From the packed keynotes to the demos on the expo floor, one message came through loud and clear: modern security is less about the tools you own and more about the signals you can act on.
Our team was on the ground all week in San Francisco, walking the floor, sitting in standing-room-only sessions, and having real conversations with security vendors, CISOs, architects, and analysts. It wasn’t all conversations and note taking—we watched the industry move. And what we saw was a security community trying to close the gap between visibility and action.
The biggest shift this year? AI isn’t the story anymore—it’s the infrastructure. Whether it was identity, data, networks, or response, nearly every major innovation at RSA 2025 involved AI not as a standalone feature, but as a built-in, decision-making layer. The strongest platforms weren’t trying to dazzle with buzzwords—they were showing how AI helps real teams make faster, smarter moves when the pressure hits.
A Few of the Big Themes That Cut Across the Show:
AI That Decides, Not Just Detects
This year, the buzzword wasn’t just “AI”—it was “agentic AI.”
CrowdStrike’s Charlotte AI, Microsoft’s adaptive access controls, and Splunk’s LLM-backed SOAR workflows all pointed to the same trend: AI is now making calls on triage, escalation, and remediation with increasing accuracy. Analysts aren’t being replaced—they’re being relieved.
Identity as the Control Plane
From AI agent governance to non-human identity sprawl, identity was everywhere. IAM, once a utility layer, is now the primary mechanism for Zero Trust enforcement, insider risk mitigation, and cross-environment coordination. Tools that treat identity as just login management are falling behind.
AppSec Moves to Runtime + Remediation
In Application Security, the energy was around fixing, not just finding. Veracode, Zenity, Tromzo, and others showed how AI and workflow intelligence are shrinking the gap between vulnerability discovery and secure deployment—especially in GenAI-assisted development environments.
Network Security Goes Predictive
Cisco’s Foundation AI Model and Palo Alto’s dynamic traffic shaping marked a pivot from passive monitoring to adaptive enforcement. The smartest network tools now correlate signals across layers, throttle risky traffic in real time, and stitch together storylines for incident response—before human analysts even log in.
SOAR Finds Its Voice
This year, SOAR felt more like a co-pilot than a toolkit. Swimlane, Sentinel, and Cortex all showed how automation can now narrate, prioritize, and resolve incidents with minimal human lift. The dream of the “autonomous SOC” isn’t here yet—but it’s drawing a clear roadmap.
Data Security Becomes Contextual
BlackFog, BigID, and CrowdStrike emphasized data resilience, not just perimeter defense. The conversation moved from DLP to GenAI risk, exfiltration throttling, and post-quantum prep. If you’re not protecting the where, how, and why of data access, you’re behind.
IoT and Edge Risk No Longer Fringe Topics
Phosphorus, Armis, and Viakoo brought serious attention to IoT, OT, and edge devices—not just as endpoints, but as entry points. Many teams now face fleets of unmanaged, often unpatchable devices. RSA made it clear: if you can’t see it, you can’t secure it.
The Takeaway
RSAC 2025 didn’t just feel like a showcase of security tools—it felt like a response to the industry’s biggest bottleneck: time. Time to triage. Time to respond. Time to find the one signal that matters in a sea of telemetry.
And across every conversation we had, that’s what the best tools were aiming to solve: not just how to see more, but how to decide faster.
If you missed the show, we’ve broken down what we saw in each major category—from IAM to SOAR, AppSec to Data. Explore the sections below for our direct take on what’s real, what’s hype, and what’s quietly reshaping the way we secure the enterprise.
RSAC 2025 Recap – Data Security
RSAC 2025 Recap – Application Security
RSAC 2025 Recap – Risk & Compliance
RSAC 2025 Recap – Endpoint Security
RSAC 2025 Recap – Network Security
RSAC 2025 Recap – Identity & Access Management
RSAC 2025 Recap – IoT Security
RSAC 2025 Recap – Security Orchestration Automation & Response
