If you are at all involved in cybersecurity, then chances are you attended or talked to someone about the RSA Conference 2025. This year’s theme was “Many Voices, One Community” – a spot on description based on my experience.
Yes, there were many voices – mostly talking AI, specifically agentic AI which is driving innovation and demand for security solutions. The number of voices also reflected the growing community of defenders collaborating at various levels to better arm themselves against a threat landscaping that is evolving more rapidly than ever.
Interest in new solutions and approaches was high. Unfortunately, it can be difficult to differentiate when the noise (actual volume and ubiquity of AI messaging) is overpowering. But an important thread came through loud and clear from my conversations with security leaders and practitioners: The industry is moving beyond AI for AI’s sake.
What does this mean?
Defenders aren’t looking for the latest AI tool. Instead, they are interested in AI utility and are asking how their existing vendors are enhancing their current platforms with AI-enabled capabilities and how new vendors may fit into their infrastructure.
The approach of augmenting existing security solutions is much more pragmatic given that vendors are trusted partners and current economic headwinds. While security budgets are robust, uncertainty around federal spending warrants caution, especially for companies with many public sector customers. Focusing on a few proven vendors and platforms is good business sense.
What does that look like?
Based on our work with threat intel creators and consumers of threat intel, CTI teams are interested in using AI to prioritize and curate threat intelligence for improved detection, but challenges here persist. Consumers of threat intel are looking to augment security operations with AI-enabled use cases around improving investigation, hunting, remediation, and report authoring.
Additionally, AI plus automation can streamline security operations with intelligent workflows that simplify data aggregation, enrichment, and sharing across teams and automate response through existing EDR and NDR solutions.
What’s the value?
Exploring how vendors are incorporating AI to advance their solutions, surfaces the vendors committed to innovation that’s practical. Targeted use cases that incorporate AI to accelerate and improve outcomes enable security teams to demonstrate a return on their investment more quickly.
Risk management around AI and its application within security tools is also a priority for many organizations. Working with a trusted vendor helps allay some of those concerns. They are approaching AI with deep domain expertise and an understanding of your business as an existing customer. In combination, that knowledge can go a long way toward mitigating risk connected to innovations related to AI.
While AI has been for some time, it’s refreshing to see that we are collectively moving beyond the hype. Emphasizing powerful and pragmatic ways that AI can drive security value is what defenders need right now.
20130 Lakeview Center Plaza
Suite 400
Ashburn, VA 20147
