Table of Contents
Another RSAC Conference has wrapped in San Francisco, and it’s a good time to reflect on the pulse of the cybersecurity industry.
RSAC 2025 showcased a cybersecurity industry swept up in the next wave of innovation, yet anchored by a demand for solutions that work. The booths around the Moscone Center buzzed with familiar energy, and the conversations were filled with both exciting evolutions in technology and some enduring, fundamental truths.
Agentic Security — Navigating Hype, Harnessing Potential
‘Agentic security’ or ‘AI agents’ was undeniably the topic that got everybody talking in RSAC 2025.
As is often the case in our dynamic field, I saw this terminology-of-the-hour in every message. Suddenly, there was an AI agent story for everything — from automating vulnerability scanning, to revolutionizing user awareness training to, of course, transforming security operations.
If you walked the expo floor, you’d think AI agents were already the answer for all our cybersecurity woes.
However, peeling back the layers of marketing revealed a more nuanced picture. My conversations with industry analysts confirmed that while the excitement is high, agentic security is still in its very early stages. This seamless, autonomous cyber defense is still somewhere on the horizon, rather than a current reality.
That said, let’s not dismiss its potential. The underlying concept of leveraging AI to create more autonomous, proactive, and intelligent security mechanisms, has the power to significantly evolve how we approach cybersecurity. The key will be moving beyond the buzz to build solutions that truly augment and empower security teams, not just adding another layer of complexity or a new label to old capabilities.
Prioritizing SecOps Enablement Over Entanglement
Interestingly, the once-dominant theme of ‘platformization’ felt significantly less like a primary talking point this year. It seems the industry is maturing in its understanding of what a platform should truly offer.
There’s a clear and welcome prioritization emerging: a strong desire to avoid vendor lock-in. The conversation has shifted from simply consolidating tools under one brand to demanding platforms that genuinely enable Security Operations. This means a greater emphasis on interoperability, open architectures, and the flexibility for organizations to integrate best-of-breed solutions that fit their specific needs. This is a positive step towards platforms that empower, rather than dictate.
EDR & Security Control Evasion Is a Stark Reality
One of the more sobering, yet critical, acknowledgments across many discussions in RSAC 2025 was the undeniable reality of EDR (Endpoint Detection and Response) evasion, and the broader conversation on security control evasion.
This isn’t a theoretical threat anymore, it’s a practical, in-the-wild challenge that adversaries are actively and successfully exploiting.
The implications are significant. It underscores the fact that no single security control, no matter how advanced, is infallible. It forces us to look beyond endpoint-centric strategies and consider a more holistic, layered defense where we assume that individual controls can, and will, be bypassed.
Observations From Beyond the Moscone Center
Beyond the conference halls, it was heartening to see San Francisco itself showing clear signs of a return to vibrancy. The city felt more alive, more optimistic, and that positive energy was a welcome backdrop to the intense discussions of the week.
A particularly striking observation for me, this year, was the ubiquitous presence of Waymo self-driving cars navigating the complex San Francisco traffic. Here we have autonomous systems making real-time decisions in an environment where lives are at stake. This isn’t just a technological marvel; it’s a powerful real-world validation for the vision many of us in cybersecurity are striving towards – a ‘SOCLess’ future. If autonomy can be achieved in something as unpredictable as urban traffic, it reinforces the idea that more autonomous, intelligent security operations are an achievable (and essential) trend for our industry.
The Vibrant Rise of the LATAM Cybersecurity Community
On a more personal note, as a Black Latino founder, it filled me with immense pride to witness the ‘Brazilian and LATAM explosion’ this year, at RSAC 2025. In fact, the growing, vibrant community from Latin America was impossible to miss.
Professionals from Brazil, Argentina, Colombia, and many other nations weren’t just there to learn; they were actively contributing, networking, and showcasing incredible innovation.
It was inspiring to see so many cheering for LATAM companies like Smartfence, Fluid Attacks, Kriptos, Baygoo, and Strike, among others, who are aiming to transform cybersecurity globally, right alongside Lumu. This growing group is a testament to the talent and drive within the region.
Navigating an Evolving Landscape
RSAC 2025 painted a picture of an industry in transition — excited by the potential of AI, demanding more from its platforms, confronting the hard truths of security evasion, and rediscovering the foundational importance of the network.
These shifts reinforce our mission at Lumu: to help the world operate cybersecurity proficiently. The path forward requires not just embracing new technologies, but also a commitment to fundamental principles of visibility, operational efficiency, and a collaborative spirit to stay ahead of adaptable adversaries.
The journey continues and the need for clear, actionable insights into threats has never been greater. We are not stopping.
To complete this look back at RSAC 2025, I found the messages from the keynote stage particularly powerful this year, so, for those who couldn’t be there, we’ve put together some of the standout highlights: Lumu’s RSAC 2025 Recap
