MY TAKE: Black Hat 2025 vendors define early contours for a hard pivot to AI security architecture

Black Hat USA 2025 concluded amid a noticeable shift in tone. Compared to prior years, the discussions were more grounded, and the stakes more clearly defined.

Related: GenAI security gaps few

see

While generative AI remained the central theme, what stood out was the growing consensus that the security community must now contend with a new set of operational realities.

No longer speculative, the security risks associated with GenAI are now manifesting in production environments. Adversaries are using AI to accelerate known techniques—particularly phishing, social engineering, and impersonation.

Meanwhile, security teams are still experimenting with how best to integrate large language models into core workflows. Multiple sessions and vendor briefings addressed the same underlying question: how do we monitor and control autonomous systems that learn, adapt, and interact with sensitive data?

A second major concern surfaced repeatedly: the increasing fragility of software supply chains—especially in relation to API security and the sprawling integration surfaces of modern applications.The move toward cloud-native development has introduced attack vectors that are neither well-instrumented nor well-understood, and several vendors now treat API telemetry as critical infrastructure for early detection.

What was missing from this year’s show, to a surprising degree, was overconfidence. Across briefings, hallway conversations, and product pitches, there was a common recognition that many existing security tools are ill-equipped to manage this new landscape.

In their place, a wave of new approaches is taking shape—focused on behavioral modeling, autonomous enforcement, encrypted AI workloads, and more precise runtime controls.

Over the course of the conference, I sat down with a dozen cybersecurity companies to better understand how they are responding to these trends. The following snapshots summarize their approaches—not as endorsements, but as early signals of where enterprise security may be heading next.

Intruder: VM for SMBs

Intruder, a London-based cybersecurity company, focuses on making vulnerability and exposure management more accessible to small and mid-sized businesses. Its platform emphasizes usability and automation—aiming to surface real risks, not just raw scan outputs.

At Black Hat 2025, CEO Chris Wallis introduced AutoSwagger, a free open-source tool that mimics attacker behavior to probe exposed APIs. In early testing, the tool uncovered sensitive data at major firms, including Microsoft, by querying public documentation—underscoring the persistence of basic API misconfigurations.

Wallis noted that many SMBs struggle to manage conventional security tools due to staffing and time constraints. Intruder is attempting to close this gap through continuous scanning, contextual risk scoring, and AI-assisted triage—a model geared toward lean security teams contending with expanding attack surfaces.

Xcape: Redefining pen testing 

Xcape Inc., a boutique cybersecurity firm based in Los Angeles, is rethinking penetration testing as a continuous practice rather than a periodic event. CEO Travers McClearin emphasized that organizations can no longer afford to treat pen testing as a once-a-year compliance exercise.

Instead, Xcape offers ongoing testing that adapts to how real-world attackers operate—persistently, dynamically, and without warning. McClerin cited the rise of “platform abuse,” where vulnerabilities are introduced through poorly governed third-party APIs. Xcape’s PTaaS platform automates reconnaissance while surfacing only the most actionable paths for live testing and remediation.

The company is also experimenting with a private large language model trained on its red team’s tactics. The goal is to augment both internal workflows and client-facing reporting—transforming static pen test reports into living dashboards that evolve with an organization’s threat posture.

AirMDR: Reimagining the SOC 

AirMDR, a next-generation managed detection and response (MDR) provider, is building a security operations platform rooted in AI from the ground up.

Chief Solution Officer Stephen Morrow explained that the system breaks down investigations into small, modular tasks handled by specialized LLMs—an architecture designed to reduce hallucinations and improve consistency.

Unlike traditional SOC tools that rely on human triage or post-processing, AirMDR’s platform is tuned for speed and precision. Morrow said it can process and prioritize more than 90% of alerts in under five minutes. That capability is especially attractive to resource-constrained teams.

With $15.5 million in recent funding, AirMDR is targeting SMBs and MSPs seeking scalable security operations without the overhead of full-scale staffing. The platform integrates with existing tools—from EDRs to HR systems—and aims to deliver autonomous response without introducing complexity.

Tracebit: Cloud-native deception 

Tracebit, a London-based startup, is applying deception techniques to cloud-native environments in a way that aligns with modern DevOps workflows.

CTO Sam Cox described how the platform plants lightweight decoys—such as fake IAM roles and S3 buckets—inside containerized and multi-cloud environments.

The idea is to provide defenders with early, high-confidence signals when an attacker attempts lateral movement. Built on infrastructure-as-code principles, the platform can be deployed and maintained with minimal friction.

Cox acknowledged that intrusions may be rare per account, but at enterprise scale—with hundreds or thousands of cloud instances—some level of compromise is statistically inevitable. Tracebit is betting that low-noise deception can fill the detection gaps left by conventional tools.

RAD Security: AI for cloud defense

RAD Security, a San Francisco-based startup, is focused on bringing agentic AI into noisy, cloud-first environments.

Co-founder Jimmy Mesta described their platform as a departure from legacy tools—instead of layering AI on top, RAD built its detection and response system from scratch around behavioral telemetry.

A standout feature is the use of memory-aware agents that learn each customer’s infrastructure over time. This persistent learning enables more accurate detection and fewer false positives by aligning threat detection with actual business operations.

RAD recently launched RADBots, a suite of AI agents that act like virtual security team members—handling triage, investigation, compliance, and policy enforcement. Mesta positions RAD as a response to the do-more-with-less pressure facing modern security teams.

Lineaje: Protecting supply chains

Lineaje, a software supply chain security vendor, aims to provide deeper visibility into the provenance and safety of open-source and AI components.

CEO Javed Hasan argued that as 70% of today’s software is built on third-party code, tracing commit histories, geographic origin, and transitive dependencies has become essential.

Beyond generating and managing SBOMs, Lineaje uses AI to autonomously remediate vulnerabilities and even produce “gold” versions of vetted open-source packages. The platform seeks to transform static software inventories into dynamic assets that adapt to emerging threats.

Hasan also previewed Lineaje’s “Gold AI” initiative—an attempt to bring standardized validation to LLMs and foundation models. The broader aim is to extend software governance principles to the fast-moving world of AI pipelines.

Zscaler: Zero trust for the GenAI era

Zscaler, a global leader in cloud-delivered security, is evolving its Zero Trust Exchange to counter threats shaped by generative AI.

Senior Researcher Brett Stone-Gross highlighted the shift in ransomware tactics—away from encryption and toward data theft and public extortion.

He also noted that threat actors are using GenAI to create highly convincing phishing content and deepfake impersonations. Some phishing pages are now outranking legitimate government websites in search results.

To address this, Zscaler is investing in AI-powered threat detection, encrypted traffic analysis, and real-time anomaly spotting across its cloud-native platform. The company’s ability to process trillions of daily transactions gives it a wide lens through which to detect emerging threats.

LastPass: Securing identities

LastPass, a longtime provider of identity management tools, is adapting its product strategy to match today’s evolving threat landscape.

At Black Hat, Security Architect Mike Kosak called out info stealers—lightweight malware that exfiltrate credentials from browsers and clipboards—as a persistent and growing threat.

In response, LastPass is expanding beyond vaults and MFA. Its new SaaS Protect browser extension gives IT teams visibility into unsanctioned SaaS and shadow AI usage—a growing concern as employees adopt GenAI tools informally.

The company is also moving toward passwordless authentication. Kosac said support for FIDO2-based passkeys is rolling out now, with the goal of eventually reducing reliance on passwords entirely.

With over 30 million users and 100,000+ business customers, LastPass is positioning itself as a broader identity security platform for both consumers and enterprises.

Desired Effect: Zero-day economics

Desired Effect, a Washington D.C.-based startup founded by former NSA engineer Evan Dornbush, is redefining how defenders access exploit intelligence. Its platform introduces a first-of-its-kind ethical marketplace where vetted researchers can sell early-stage vulnerability insights directly to enterprise security teams—before attackers weaponize them.

In a Fireside Chat at Black Hat 2025, Dornbush framed cybercrime as an economic imbalance, not just a technical arms race. Desired Effect aims to tilt that balance by increasing the cost of entry for attackers while giving defenders actionable intel tailored to their environment. The model flips conventional vulnerability disclosure on its head—rewarding researchers not just once, but continuously, and on their own ethical terms.

By letting buyers understand “what the adversary sees,” Dornbush argues, Desired Effect can help shift security teams from reactive patching to proactive posture management. It’s a bold bid to inject transparency—and economic justice—into the shadowy world of zero-days.

These are early signals in a rapidly changing landscape. I’ll keep watch—and keep reporting.

Pulitzer Prize-winning business journalist Byron V. Acohido is dedicated to fostering public awareness about how to make the Internet as private and secure as it ought to be.

(Editor’s note: A machine assisted in creating this content. I used ChatGPT-4o to accelerate research, to scale correlations, to distill complex observations and to tighten structure, grammar, and syntax. The analysis and conclusions are entirely my own — drawn from lived experience and editorial judgment honed over decades of investigative reporting.)

The post MY TAKE: Black Hat 2025 vendors define early contours for a hard pivot to AI security architecture first appeared on The Last Watchdog.