By Byron V. Acohido
SAN FRANCISCO — Typically, the perfect insights come not from the keynote stage, however from the resort foyer.
Associated: RSAC 2025 prime takeaways
In between classes at RSAC 2025, I slipped over to the Marriott foyer and held fast, off-the-cuff interviews with a handful of cybersecurity distributors — every doing one thing genuinely completely different, usually radical, to assist organizations shore up digital defenses.
These chats have been spontaneous and candid, and in combination they spoke to one thing deeper than mere market noise.
Every vendor is grappling with what would be the defining query of the second in cybersecurity: how will we keep forward of cyber attackers weaponizing AI, with out drowning in complexity or value? The solutions I heard counsel {that a} new wave of innovation — AI-native, automation-first, deeply integrative — is quickly taking form.
Listed here are eight snapshot interviews that collectively illustrate the breadth of this shift.
AirMDR — Aiding SMBs
Carolyn Crandall, CMO of AirMDR, broke it down with compelling readability. “How will we get enterprise-class cybersecurity into the fingers of small to medium companies — affordably?” The reply, she says, lies in automating 80% of what human analysts do, utilizing an AI-driven SoC (Safety Operations Middle) mannequin. This lets AirMDR ship managed detection and response (MDR) at half the standard value — giving SMBs 24/7 safety, together with investigation, triage, playbook creation, and response, with out having to rent or prepare specialised groups.
Acalvio: AI-powered deception
Anand Akela of Acalvio Applied sciences provided a provocative take: “Deception know-how is the one strategy to detect threats that nobody has seen earlier than — zero days generated on the fly by LLMs.” Alcavio makes use of AI not solely to determine such threats, however to create convincing decoys — “honey tokens,” “honey buckets” — that lure attackers down false paths. The second an intruder touches one, high-fidelity alerts are triggered. “That’s preemptive protection,” Akela says — an strategy born for the GenAI period.
Approov: Securing cloud-mobile APIs
Ted Miracco, CEO of Approov, painted a vivid image of contemporary cellular danger: “Your cellular app is below assault the second it talks to the cloud — particularly over public Wi-Fi.” Approov’s resolution? Hold API keys off the machine fully. As a substitute, they’re disbursed simply in time from the cloud, solely to validated apps working on uncompromised gadgets. “Consider it like a digital valet key handed out solely when belief is earned,” Miracco defined.
Cyware: Correlating shortly
Cyware’s Patrick Vandenberg emphasised the rising worth of CTI — Cyber Risk Intelligence — because the “first baton handoff” within the safety operations race. “However with out automation,” he added, “risk groups are drowning.”
Cyware’s platform integrates LLMs to immediately correlate risk information from huge feeds and information lakes, lowering every week’s price of study to 30 seconds. This turbocharges the handoff to SOC groups, letting people deal with what issues most.
FireMon: Concord within the hybrid cloud
Wealthy Mogull of FireMon provided a refreshing dose of realism. “We maintain pretending cloud and on-prem are a single stack. They’re not. They’re completely completely different tech and governance fashions.”
FireMon helps massive enterprises “harmonize” safety throughout hybrid networks by giving perimeter groups visibility into the cloud — and vice versa. “You possibly can’t govern what you may’t see,” Mogull mentioned. “Harmonization is the one approach ahead”.
Invi Grid: Safety for startups
Yogita Parulekar, founding father of Invi Grid, is attacking a selected frustration shared by AI startups: “We wish to innovate quick, however cloud safety is slowing us down.” Invi Grid solves this by treating infrastructure and safety as one product — not a service. “You log in, outline what you want, and it’s constructed — with safety baked in.” Consider it as security-as-code for speed-obsessed builders.
Simbian: Truthful LLM output
Jason Keirstead, co-founder of Simbian, spoke candidly about hallucinations — not in people, however in LLMs. “The early tendency of those fashions to make stuff up was a serious hurdle. So we constructed immediate libraries, fine-tuned fashions, and built-in RAG — retrieval augmented era — to maintain solutions grounded.”
Their platform ingests SOC alerts and robotically triages, investigates, and even remediates incidents. “It’s not one other chat interface,” Keirstead mentioned. “It’s an answer that works below the hood, day one”.
PointGuard AI: Enterprise guardrails
Willy Leichter, CMO of PointGuard AI, captured the looming risk succinctly: “We haven’t had our ‘SolarWinds second’ for AI but — but it surely’s coming.”
His firm helps CISOs regain management by discovering and inventorying rogue AI instruments, assessing mannequin dangers, and monitoring LLM interactions for information leakage or immediate abuse. “The strain to make use of AI is relentless,” Leichter mentioned. “However that doesn’t imply safety will get left behind”.
Backside line? There’s no single magic bullet — however this unfastened constellation of options displays a broader, pressing motion: cybersecurity distributors embracing AI not as a buzzword, however as a pressure multiplier, a governance problem, and above all, a necessity.
As RSAC 2025 reminded us, the arms race between defenders and attackers has reached a brand new inflection level. The true innovation now’s in execution — not simply constructing higher instruments, however delivering smarter, quicker, and extra pragmatic solutions to the safety questions that matter most.
I’ll maintain watch and maintain reporting.
Acohido
Pulitzer Prize-winning enterprise journalist Byron V. Acohido is devoted to fostering public consciousness about the way to make the Web as non-public and safe because it must be.
(Editor’s word: A machine assisted in creating this content material. I used ChatGPT-4o to speed up analysis, to scale correlations, to distill advanced observations and to tighten construction, grammar, and syntax. The evaluation and conclusions are fully my very own—drawn from lived expertise and editorial judgment honed over many years of investigative reporting.)
