MY TAKE: RSAC 2025 – Conversing with vendors hanging out in the Marriott Marquis mezzanine

SAN FRANCISCO — Sometimes, the best insights come not from the keynote stage, but from the hotel lobby.

Related: RSAC 2025 top takeaways

In between sessions at RSAC 2025, I slipped over to the Marriott lobby and held quick, … (more…)

The post MY TAKE: RSAC 2025 – Conversing with vendors hanging out in the Marriott Marquis mezzanine first appeared on The Last Watchdog.

SAN FRANCISCO — Sometimes, the best insights come not from the keynote stage, but from the hotel lobby.

Related: RSAC 2025 top takeaways

In between sessions at RSAC 2025, I slipped over to the Marriott lobby and held quick, off-the-cuff interviews with a handful of cybersecurity vendors — each doing something genuinely different, often radical, to help organizations shore up digital defenses.

These chats were spontaneous and candid, and in aggregate they spoke to something deeper than mere market noise.

Each vendor is grappling with what may be the defining question of the moment in cybersecurity: how do we stay ahead of cyber attackers weaponizing AI, without drowning in complexity or cost? The answers I heard suggest that a new wave of innovation — AI-native, automation-first, deeply integrative — is rapidly taking shape.

Here are eight snapshot interviews that collectively illustrate the breadth of this shift.

AirMDR  — Aiding SMBs

Carolyn Crandall, CMO of AirMDR, broke it down with compelling clarity. “How do we get enterprise-class cybersecurity into the hands of small to medium businesses — affordably?” The answer, she says, lies in automating 80% of what human analysts do, using an AI-driven SoC (Security Operations Center) model. This lets AirMDR deliver managed detection and response (MDR) at half the traditional cost — giving SMBs 24/7 protection, including investigation, triage, playbook creation, and response, without having to hire or train specialized teams.

Acalvio: AI-powered deception

Anand Akela of Acalvio Technologies offered a provocative take: “Deception technology is the only way to detect threats that no one has seen before — zero days generated on the fly by LLMs.” Alcavio uses AI not only to identify such threats, but to create convincing decoys — “honey tokens,” “honey buckets” — that lure attackers down false paths. The moment an intruder touches one, high-fidelity alerts are triggered. “That’s preemptive defense,” Akela says — an approach born for the GenAI era.

Approov: Securing cloud-mobile APIs

Ted Miracco, CEO of Approov, painted a vivid picture of modern mobile risk: “Your mobile app is under attack the moment it talks to the cloud — especially over public Wi-Fi.” Approov’s solution? Keep API keys off the device entirely. Instead, they’re dispensed just in time from the cloud, only to validated apps running on uncompromised devices. “Think of it like a digital valet key handed out only when trust is earned,” Miracco explained.

Cyware: Correlating quickly

Cyware’s Patrick Vandenberg emphasized the growing value of CTI — Cyber Threat Intelligence — as the “first baton handoff” in the security operations race. “But without automation,” he added, “threat teams are drowning.”

Cyware’s platform integrates LLMs to instantly correlate threat data from vast feeds and data lakes, reducing a week’s worth of analysis to 30 seconds. This turbocharges the handoff to SOC teams, letting humans focus on what matters most.

FireMon: Harmony in the hybrid cloud

Rich Mogull of FireMon offered a refreshing dose of realism. “We keep pretending cloud and on-prem are a single stack. They’re not. They’re totally different tech and governance models.”

FireMon is helping large enterprises “harmonize” security across hybrid networks by giving perimeter teams visibility into the cloud — and vice versa. “You can’t govern what you can’t see,” Mogull said. “Harmonization is the only way forward”.

Invi Grid: Security for innovators

Yogita Parulekar, founder of Invi Grid, is attacking a specific frustration shared by AI startups: “We want to innovate fast, but cloud security is slowing us down.” Invi Grid solves this by treating infrastructure and security as one product — not a service. “You log in, define what you need, and it’s built — with security baked in.” Think of it as security-as-code for speed-obsessed builders.

Simbian: Truthful LLM output

Jason Keirstead, co-founder of Simbian, spoke candidly about hallucinations — not in humans, but in LLMs. “The early tendency of these models to make stuff up was a major hurdle. So we built prompt libraries, fine-tuned models, and integrated RAG — retrieval augmented generation — to keep answers grounded.”

Their platform ingests SOC alerts and automatically triages, investigates, and even remediates incidents. “It’s not another chat interface,” Keirstead said. “It’s a solution that works under the hood, day one”.

PointGuard AI: Enterprise guardrails

Willy Leichter, CMO of PointGuard AI, captured the looming threat succinctly: “We haven’t had our ‘SolarWinds moment’ for AI yet — but it’s coming.”

His company helps CISOs regain control by discovering and inventorying rogue AI tools, assessing model risks, and monitoring LLM interactions for data leakage or prompt abuse. “The pressure to use AI is relentless,” Leichter said. “But that doesn’t mean security gets left behind”.

Bottom line? There’s no single magic bullet — but this loose constellation of solutions reflects a broader, urgent movement: cybersecurity vendors embracing AI not as a buzzword, but as a force multiplier, a governance challenge, and above all, a necessity.

As RSAC 2025 reminded us, the arms race between defenders and attackers has reached a new inflection point. The real innovation now is in execution — not just building better tools, but delivering smarter, faster, and more pragmatic answers to the security questions that matter most.

I’ll keep watch and keep reporting.

Pulitzer Prize-winning business journalist Byron V. Acohido is dedicated to fostering public awareness about how to make the Internet as private and secure as it ought to be.

(Editor’s note: A machine assisted in creating this content. I used ChatGPT-4o to accelerate research, to scale correlations, to distill complex observations and to tighten structure, grammar, and syntax. The analysis and conclusions are entirely my own—drawn from lived experience and editorial judgment honed over decades of investigative reporting.)

The post MY TAKE: RSAC 2025 – Conversing with vendors hanging out in the Marriott Marquis mezzanine first appeared on The Last Watchdog.