10 Hot Cybersecurity Tools Announced At RSAC 2025

Major vendors including Palo Alto Networks, CrowdStrike and Netskope debuted new security tools Monday to kick off RSA Conference 2025.

RSAC Hot Products

As RSA Conference 2025 officially kicks off Monday in San Francisco, many major cybersecurity vendors are unveiling the new tools that’ll be showcased throughout the week. We’ve chosen 10 of the brand-new security products just announced at RSAC 2025 Monday in fast-growing segments of the cybersecurity market such as AI-powered security operations, phishing protection and data security.

Judging by the product announcements so far, RSAC 2025 is poised to continue the focus on AI from the conferences of prior years, but with a new emphasis this time on the emergence of agentic capabilities. Vendors that announced new offerings Monday included CrowdStrike, which debuted new agentic AI capabilities for security operations teams via its Charlotte AI platform, and Abnormal AI, which debuted a pair of AI agents targeted at difficult areas of cybersecurity that include phishing training and security data analysis.

Meanwhile, Palo Alto Networks unveiled an updated version of its AI-powered SIEM (security information and event management) alternative offering, Cortex XSIAM, while other RSAC product announcements so far have included Netskope’s expansion of data security posture management (DSPM) capabilities.

RSAC 2025 runs through Thursday, May 1, and will see tens of thousands descend on the Moscone Center in San Francisco to explore the latest developments and new trends in the world of cybersecurity. CRN will be on hand throughout the week for interviews with top cybersecurity executives and to check out the newest products on the show floor.

What follows are the key details on 10 hot cybersecurity tools announced at RSAC 2025 so far.

Palo Alto Networks Cortex XSIAM 3.0

Palo Alto Networks announced Monday that it’s debuting the next version of its XSIAM (extended security intelligence and automation management) platform, which aims to offer an AI-powered alternative to traditional SIEM. Major updates in Cortex XSIAM 3.0 include the introduction of “advanced” email security, with capabilities for detecting sophisticated phishing and other email-based threats — including those enhanced using LLMs. The email security capabilities also provide automated removal of malicious emails and disabling of compromised accounts, Palo Alto Networks said. Other key introductions for XSIAM 3.0 include Cortex Exposure Management, which can “cut vulnerability noise by up to 99 percent” using prioritization along with automated remediation, the company said.

CrowdStrike Agentic AI Tools

In connection with RSAC 2025 Monday, CrowdStrike introduced two new agentic AI tools for its Charlotte AI platform, with the launch of Charlotte AI Agentic Response and Charlotte AI Agentic Workflows. Charlotte AI Agentic Response can boost security operations productivity through providing automated answers to questions that an analyst often would pose during an investigation — leading to faster analysis of root causes, mapping of lateral movement and guidance for the analyst’s next actions, CrowdStrike said. Meanwhile, Charlotte AI Agentic Workflows provides drag-and-drop workflows — leveraging LLMs — that provide analysts with a way to easily embed AI reasoning within automated playbooks in Falcon Fusion SOAR, according to the company.

Abnormal AI Agents

At RSAC 2025, Abnormal AI — formerly Abnormal Security — debuted a pair autonomous AI agents targeted at difficult areas of cybersecurity that include phishing training and security data analysis. The first new agent, the AI Phishing Coach, provides a personalized platform for each user that includes customized simulations and “instant coaching modules,” Abnormal AI said in a news release. The tailored simulations are based upon real-world attacks that Abnormal had blocked, the company said.

Meanwhile, the second agent, AI Data Analyst, is aimed at converting massive amounts of security data into “usable intelligence” for organizations, Abnormal AI said. The agent offers capabilities including proactive delivery of reports as well as the ability to interact with the agent around the content of the reports — such as to explore specific findings in more detail, according to the company.

Netskope DSPM Expansion

Netskope announced Monday that it has enhanced its data security posture management (DSPM) offering with several new capabilities, including functionality that can enable safe training of Large Language Models. The new Support Safe Training capability prevents data that is sensitive or regulated from being unintentionally fed into LLMs, while other updates include improved assessment for the risk connected to various activities related to AI, according to the company. Other DSPM enhancements on the Netskope One platform include improved AI governance through automation for policy detection and enforcement — with a focus on determining which data is eligible to be leveraged by AI based upon source, classification or usage context, the company said.

Huntress ITDR Enhancements

Huntress debuted an enhanced version of its Managed Identity Threat Detection and Response (ITDR) offering that features updates such as its new “rogue apps” capability. The feature provides proactive protection against threats to OAuth applications that are installed in Microsoft 365 environments, the company said. Other new capabilities in Huntress’ Managed ITDR include “unwanted access” that detects and shuts down compromised identities, as well as “shadow workflows” that monitors inbox and email forwarding rules to detect malicious rules, according to the vendor.

Bugcrowd Red Team as a Service

Bugcrowd announced Monday that it’s launching what it called the industry’s “first” crowdsourced red teaming service, with the aim of bringing the Bugcrowd platform’s community of ethical hackers to bear on the challenge of real-world threat testing. The Bugcrowd Red Team as a Service will integrate with current threat intelligence, mimic the behaviors of actual cyber adversaries and provide customers with comprehensive reports on the findings, the company said. The new service builds on Bugcrowd’s crowdsourced cybersecurity platform featuring programs such as managed bug bounty, penetration testing as a service and vulnerability disclosure.

Silverfort Non-Human Identity Expansion

Identity security firm Silverfort announced at RSAC that it has expanded the capabilities of its non-human identity (NHI) security offering to incorporate cloud-based identities. This includes NHIs in cloud identity providers, cloud infrastructure and SaaS, and leverages Silverfort’s acquisition in November of Rezonate. The expansion provides “unified coverage for human identities and NHIs” as well as capabilities for “complete” discovery and classification of NHIs, the company said in a news release.

Apiiro Software Graph Visualization

Application security vendor Apiiro debuted its newest offering Monday, Software Graph Visualization, that serves as an interactive map for visualizing an organization’s software architectures. The map can provide visualization of architectures spanning all components and vulnerabilities as well as “toxic combinations, blast radius, data exposure and material changes in real time,” the company said in a news release. The Software Graph Visualization offering replaces static and manual reports to enable easier comprehension of rapidly changing software architectures for security teams, according to Apiiro.

Wallarm Agentic AI Protection

API security vendor Wallarm debuted its new Agentic AI Protection offering focused on providing security for AI agents themselves against a variety of threats. The offering can protect AI against attacks including prompt injection and jailbreaks as well as agent logic abuse and system prompt retrieval, according to Wallarm. Major capabilities in the offering include automated AI API discovery, analysis of AI agent interactions (powered by AI), attack detection and blocking of attacks, the company said.

NetRise ZeroLens

Software supply chain security vendor NetRise unveiled its newest product at RSAC Monday, ZeroLens, which is targeted at detection of undisclosed weaknesses in software. The aim is to detect such weaknesses before they are able to be exploited as vulnerabilities, according to the company. Key capabilities include creation of an inventory of software assets, paired with binary composition analysis — which analyzes compiled code to uncover undisclosed software risk, NetRise said.