Analyst(s): Fernando Montenegro
Publication Date: May 21, 2025
The RSAC Conference remains the flagship event in the cybersecurity calendar, drawing over 44,000 attendees and 650 sponsors in its 34th edition. Futurum examines the key themes that dominated this year’s conversations and what they reveal about the evolving cybersecurity landscape.
Key Points:
- AI dominated discussions across multiple dimensions: securing AI deployments, applying AI to security use cases, and defending against AI-enhanced adversaries.
- Attack surface expansion continues to challenge security teams with both growing scale and increased cognitive complexity.
- “Platformization” remains a strong industry trend as organizations seek integration benefits, though the proper framing should focus on platforms versus point products rather than platforms versus best-of-breed.
Overview:
The RSAC Conference, now in its second edition under Crosspoint Capital ownership, continues to evolve toward a community-centric, year-round effort while maintaining its position as the industry’s premier gathering. With over 500 content sessions and 200 side events, the conference provided a comprehensive view of cybersecurity’s current state and future direction.
AI permeated nearly every aspect of the event. Broader IT infrastructure vendors such as Microsoft and Cisco effectively wove their AI security narratives into larger organizational AI strategies. Meanwhile, pure-play security vendors such as Palo Alto Networks, SentinelOne, Wiz, and Trend Micro highlighted both AI usage within their products and security capabilities for AI deployments. Palo Alto Networks notably announced its Prisma AIRS security platform with the acquisition of Protect.AI, while SentinelOne emphasized its AI-driven platform approach. Agentic AI discussions were prevalent in conversations, though less visible in expo messaging, reflecting the rapid evolution of topics such as the Model Context Protocol (MCP).
Beyond AI, the conference highlighted the evolving nature of the attack surface. Security teams now manage not only more elements but face increased “cognitive complexity” from multiple telemetry sources across cloud, endpoint, application, identity, and more. This complexity was reflected in trends such as increased focus on browser security, a resurgence of interest in microsegmentation, and Project Discovery winning the Innovation Sandbox contest with its modern vulnerability scanning approach.
The “platformization” trend continued, with vendors such as Palo Alto Networks, Microsoft, Google, Trend Micro, and Cisco, among others, pursuing integrated platforms to address security operations challenges. Significant movement was also evident in the SASE/SSE space, with Zscaler, Netskope, HPE, Ericsson, and Aryaka positioning their platform capabilities.
Analysis of the expo floor revealed disproportionate early-stage innovation in application security and identity/access management, while areas such as threat intelligence and network security appeared dominated by established vendors. The expo environment remained carnival-like, drawing mixed reactions from participants, with some senior executives avoiding it entirely.
Industry observers should watch several key developments:
- How quickly AI initiatives in security evolve, both in terms of outcomes and costs
- Whether platform-centric vendors can respond rapidly to new demands without sacrificing innovation
- If other security events throughout the year can maintain RSAC’s energy and relevance
The full Analyst Insight Report, Trends at the RSAC Conference Point to the High-Stakes Nature of Cybersecurity, is available via subscription to Futurum Intelligence’s Cybersecurity IQ service—click here for inquiry and access.
Futurum clients can read more in the Futurum Intelligence Platform. Non-clients can learn more here: Futurum Intelligence Cybersecurity IQ Service.
About the Futurum Cybersecurity Practice
The Futurum Cybersecurity Practice provides actionable, objective insights for market leaders and their teams so they can respond to emerging opportunities and innovate. Public access to our coverage can be seen here. Follow news and updates from the Futurum Practice on LinkedIn and X. Visit the Futurum Newsroom for more information and insights.
Declaration of Generative AI and AI-assisted Technologies in the Writing Process
While preparing this work, the author used Anthropic Claude Sonnet to summarize the original report. After using this service, the author reviewed and edited the content as needed. The author takes full responsibility for the publication’s content.
Author Information
Fernando Montenegro serves as the Vice President & Practice Lead for Cybersecurity at The Futurum Group. In this role, he leads the development and execution of the Cybersecurity research agenda, working closely with the team to drive the practice's growth. His research focuses on addressing critical topics in modern cybersecurity. These include the multifaceted role of AI in cybersecurity, strategies for managing an ever-expanding attack surface, and the evolution of cybersecurity architectures toward more platform-oriented solutions.
Before joining The Futurum Group, Fernando held senior industry analyst roles at Omdia, S&P Global, and 451 Research. His career also includes diverse roles in customer support, security, IT operations, professional services, and sales engineering. He has worked with pioneering Internet Service Providers, established security vendors, and startups across North and South America.
Fernando holds a Bachelor’s degree in Computer Science from Universidade Federal do Rio Grande do Sul in Brazil and various industry certifications. Although he is originally from Brazil, he has been based in Toronto, Canada, for many years.
