Join our daily and weekly newsletter for the latest updates and exclusive content on industry-leading AI coverage. learn more
Over 20 vendors have announced agent AI-based security agents, apps and platforms RSAC 2025the most insightful news from the meeting is a rare and encouragement trend for security leaders. For the first time in three years, overall cybersecurity effectiveness has improved.
Scale Venture Partner (SVP) Recently released 2025 Cybersecurity Perspective Report, This shared that the average effectiveness of cybersecurity protection has improved for the first time in three years, increasing from 48% in 2023 to 61% this year. “70% of security leaders are most protected against common phishing attacks, with only 28% of companies reporting complexity.”
SVP also found that 77% of CISOs consider protecting AI/ML models a priority to improve their security attitudes from 55% last year to 2025. In particular, considering the influx of new agent AI solutions announced at RSAC, 75% of companies expressed interest in leveraging AI to use AI agents to automate SOC investigations and triage large numbers of security alerts to prevent security incidents.
The increased effectiveness of SVPs is not a coincidence. These are attributed to the successful integration of the platform, while CISO and their team successfully employed automation at scale, and attackers have been walking the way forward in the past.
“Without full visibility, attackers will go through cracks between products,” Etay Maor, senior director of security strategies at Cato Networks, told VentureBeat during RSAC 2025.
Agent AI is moving beyond the minimum viable product to platform DNA
Maor’s perspective explains why cybersecurity agent AI needs a new definition of what needs minimally viable products. RSAC 2025 revealed what mature agent AI is becoming. A group of vendors using Agent AI as codebase adhesives is used as codebase adhesives for integrating codebase and apps. For years then, Agent AI is at the core of the codebase and architecture.
Cybersecurity providers of this latter group. Agent AI is the core of the platform, and in many cases it continues to double down on R&D costs, which has an advantage in Agent AI. This includes Cato Networks’ SASE Cloud Platform, Cisco AI DefenseCrowdStrike’s Falcon single agent architecture, Darktrace’s Cyber AI Loop, Elastic and elastic AI assistant, Microsoft Security Co-pilot and Defender XDR Suite, Palo Alto Networks ‘Cortex Xsiam, Sentinelone’s Specificity Platform and Vectra AI’s Cognito Platform.
Organizations with automated containment relying on integrated AI-driven detection are decreasing beyond residence time 40%. So are they It’s almost twice as likely Neutralizes phishing-based intrusion before lateral movement occurs. Show floor vendors often rely on identity and access management scenarios to showcase how agent AI workflows can help trim the workloads of Security Operations Center (SOC) analysts.
“Identity will become an important element of AI throughout the lifecycle. AI agents will need identity. They need to understand zero trust. And how do you validate how to validate them? As Jakkal briefly stated, “AI must start with security first. As AI evolves, it is important to quickly evolve security mechanisms.”
A common theme for all agent AI demonstrations across the show floor was to triangulate attack data, gaining quick insights into the forms of trade used, and defining containment strategies all in real time.
CrowdStrike demonstrated how agent AI can pivot from detection to real-time action through a live investigation of North Korea’s threat campaigns that deploy remote Devops jobs in strategic technology companies across the US and around the world. Live demo followed tradecraft DPRK’s famous cholima I spoofed remote DevOps employment, slipped past HR checks, leveraged legitimate tools including RMM software and VS code to quietly rule out data. Although powerful, it was acutely reminder that Agent AI still relies on people in the loop to find adaptive threats and fine-tuning models before the signal is lost due to noise.
GEN AI’s goal: Discover and kill the commerce of nation-states
It is an attack that no one sees the most devastating and challenging person, company or state as coming. The idea of threats is so devastating that being able to easily shut down a power grid, payment, banking, or supply chain system controls the minds of many of the brightest and most innovative technologies in cybersecurity.
Cisco Chief Product Officer Jeet Patel highlighted the urgency to enhance cybersecurity with AI, which has led to catastrophic potential threats now being spotted and neutralised after being triggered. “AI is fundamentally changing everything, and cybersecurity is at the heart of it. We are no longer dealing with human threats. These attacks are occurring on a mechanical scale,” Patel said in his keynote address.
Patel emphasized that AI-driven models are not deterministic. “They don’t give the same answer every time and don’t introduce unprecedented risks.”
CISOs need to understand today’s complex risks and threats
“This isn’t another AI story, I promise,” joked George Kurtz, CEO of Crowdstrike, during his RSAC 2025 keynote address. “I was asked to give it, and I said, “Do we talk about what’s really important now, like making CISO a seat at the board table?” That punchline conveyed two at a time a cartoon relief and a sharp pivot to the critical issues of cybersecurity leadership in 2025.
In his keynote speech, “CISO’s Guide to Protecting Board Sheets” Kurtz issued a clear phone call Take actionAeon: “Cybersecurity is no longer a compliance proposal. It’s a governance delegation. SEC regulations have significantly changed the arc of CISO carriers.” The board is not just evolving. They are forced to consider cyber risk as a major business threat.
Kurtz supported his argument with hard numbers: 72% of the board say they are actively seeking cybersecurity expertise, but only 29% actually have it. “It’s not just a talent gap,” Kurtz said. “If you’re ready to step up, that’s an opportunity,” he encouraged the audience.
His roadmap for CISO to reach the boardroom was tactical and practical:
- Level up your business encyclopedia. “Understand where business value comes from. If you can’t speak about margins, arr, or legal risks, it won’t last long at the table.”
- Speaks the board’s language. “Every meeting rooms run on three priorities: time, money and legal risk. If you can’t translate cyber into them, you will stay on the sidelines.”
- Build your brand outside the security bubble. “We have board members on multiple boards. There is no path through not only technical excellence, but trust and reputation.”
Kurtz took the path from regulatory reform to impact on the boardroom by reexamining how Sarbanes-Oxley transformed CFO into a solid boardroom contributor in 2002. He claimed that the SEC’s 2024 violation reporting mission does the same with the CISO. “Threats promote regulations, and regulations drive board composition,” he said. “This is our moment.”
His advice was not abstract. He urged the CISO to study the deputy statements, identify committee-level needs and strategically identify the network with board members who are “always trying to play a role.” He pointed out that he will be cloud-striking Ciso Adam Zoller, who is currently appearing on the AdventHealth board of directors. Kurtz says Zoller is someone who stays in the room and earns seats, learns how the board operates, and is considered more than a security expert.
Kurtz concluded with a challenge. “I’d like to come back in 10 years and still have red hair and see the CISO on a 50% board like a CFO. The meeting room is not waiting for permission. The only question is:
“Aie is not magic – it’s mathematics.”
Diana Kelly, CTO Protect your AIportrayed one of the most important early crowds of RSAC 2025 in a dull message. Her keynote provided a healthy background with sliced Gen AI hype and highlighted the true risks to AI models that all organizations need to defend before they can begin working on the model. Kelly offered detailed insights into model addiction, rapid injections and hallucinations, and sought a full-stack approach to AI security.
She introduced Gen AI’s top 10 OWASPs, highlighting the need to protect AI from CISOS’s early partner Day Zero, actively threatening threat models, treating prompts, outputs and agent chains as privileged attack surfaces.
Palo Alto Networks announced Intent to get Protect AI Another factor driving on the same day as Kelley’s presentation So many conversations about her keynote speech.
RSAC 2025 shows why it’s time for Agent AI to provide results
RSAC 2025 made one thing clear. AI agents are in the security workflow, but the board wants proof they work. For CISOs who are under pressure to justify spending and reduce risk, the focus is shifting from innovation hype to operational impact. The actual victory, including a 40% lower residence time and a phishing resilience reaching 70%, came from platform integration and automation alert triage. The Truthful Moment of Agent AI is here, especially for vendors who have just entered the market.
