The Skinny
- Black Hat 2025 kicked off in Las Vegas' Mandalay Bay Convention Center from August 2-7 with specialized cybersecurity training sessions and a two-day main conference.
- Product and partnership announcements at the show reflected the trend toward proactive cybersecurity strategies and emerging technologies like artificial intelligence (AI).
- Exhibiting organizations included AppOmni, CyberProof, Palo Alto Networks, Vectra AI, and more.
Black Hat 2025 kicked off last week in Las Vegas, gathering the industry’s major players at the Mandalay Bay Convention Center for a six-day conference to discuss and showcase the emerging technologies dominating the cybersecurity conversation.
Artificial intelligence, proactive cyber risk leadership, and sector-specific risk—particularly in financial services—were the talk of the show floor, and the product and partnership announcements attending companies had on offer this year reflected this.
AppOmni
SaaS security company AppOmni revealed a number of updates to its platform to combat rising AI and SaaS risks. Enhancements comprise more powerful threat detection capabilities and support for 30 new applications, including ChatGPT Enterprise, OpenAI, and Cisco Secure Access.
Product packages include the Foundation starter edition, Advanced for larger organizations in need of stronger threat detection and SaaS security posture controls, and Enterprise for those companies with the highest SaaS maturity.
AttackIQ
AttackIQ unveiled a new AI cyber threat intelligence (CTI) analyzer at Black Hat 2025: Watchtower. Watchtower, designed to surface environment-specific adversary activity in real time, offers hyperlocal threat analysis, automated emulation scenario generation, and defense readiness validation capabilities.
Using the AttackIQ Virtual Advisor (AVA), Watchtower can correlate active threat activity with tailored testing recommendations for proactive control validation. It also provides real-world TTP mapping to Attack IQ’s Adversarial Exposure Validation (AEV) content to catch exposures likely to be overlooked.
BeyondTrust
BeyondTrust announced the addition of the Secret Insights capability to its Identity Security Insights solution. Secret Insights brings API keys, service account credentials, tokens, and other identifications into Identity Security Insights' deep visibility portfolio.
Users can discover unmanaged secrets and users with specific privileges across cloud and on-prem environments. Risk scoring and prioritization features are also newly available.
Additionally, Secret Insights can integrate directly with BeyondTrust's Password Safe tool.
CyberProof
CyberProof introduced cybersecurity Estate Management, which enables organizations to discover and manage assets across hybrid environments.
The company’s Threat-Led defense also received some upgrades, including asset discovery, classification, and prioritization with exposure management, detection engineering, and threat monitoring.
Defendify + NINJIO
Defendify and NINJIO partnered to integrate human risk management with technical security controls for SMBs.
NINJIO’s platform, which offers cybersecurity awareness training and phishing simulations to mitigate human risk, will pair with Defendify’s IT security suite to eliminate multi-vendor management and siloing. Capabilities include managed detection and response (MDR), endpoint protection, penetration testing, and vulnerability management.
The integrated platform is now available to existing and new customers with support for migration from standalone deployments.
KnowBe4
KnowBe4 announced plans to add six additional AI agents to its human risk management platform alongside the integration of its PhishML Insights capability into PhishER+. The new AI tool allows users to create custom confidence thresholds for email threat classification as well as detailed categorization explanations.
Palo Alto Networks
Palo Alto Networks tackled AI-generated code this year at Black Hat with the release of Cortex Cloud ASPM, a module designed to stop security issues before they reach production. Capabilities include automated remediation, proactive threat prevention, and critical risk prioritization without tool switching.
The module also includes an AppSec partner ecosystem for organizations to consolidate third-party code scanner data into a single platform.
Cortex Cloud ASPM is currently in early access. The company estimates general availability in the second half of 2025.
Picus Security + ThreatConnect
Picus Security announced a partnership with ThreatConnect to release the new Risk Quantification Module, a cyber risk management tool powered by ThreatConnect’s Risk Quantifier platform. The module combines continuous breach and attack (BAS) simulation with financial risk modeling to test security controls across cloud, network, and endpoint layers.
Simulations are mapped to the MITRE ATT&CK framework and are enhanced by Risk Quantifier’s financial risk calculations. All insights are visible within Picus’ Business Risk Dashboard.
PointGuard AI
PointGuard AI announced a major platform expansion at this year’s show. The AI security and governance platform now offers full-stack discovery and protection for AI assets, including source code repositories like GitHub, MLOps pipelines, and other components like models, datasets, notebooks, and AI agents.
The expansion enables hidden or unmanaged AI asset discovery, identification of specific security risks like prompt injections, and threat correlation across organizational infrastructure. Security teams can enforce governance policies throughout the AI development lifecycle. The platform now also provides coverage across major AI environments like Databricks, AWS, Azure, and GCP.
Semperis
Semperis’ Black Hat offering this year is the new edition of its Directory Services Protector (DSP) platform, Service Account Protection Essential.
Features include an identify and inventory process for service accounts across Active Directory (AD) environments, vulnerability and behavioral monitoring, and detection for suspicious, inactive, or unknown accounts.
The enterprise identity company also announced additional updates for DSP:
- Enhanced automation for managing AD and Entra ID objects
- Automatic rollback of unauthorized changes based on predefined rules
- A new attack visibility, system health, and risk scoring dashboard
Tenable
The Tenable One exposure management platform was updated with Tenable AI Exposure, a suite of policy management and risk mitigation capabilities for enterprise AI platforms. AI Exposure integrates directly into the Tenable One platform and offers comprehensive AI usage discovery, exposure management, and governance.
General availability is expected in late 2025 with a private customer preview program for early looks.
Tuskira
Tuskira introduced improvements to its Agentic AI Workforce, highlighting four key updates designed to speed up response times and threat identification:
- Threat Investigation: Utilizes AI to investigate advisories, zero-day alerts, and CVEs, and then simulates which risks can actually be exploited by threat actors.
- Proactive Response & Remediation: Compensating controls across EDR, IAM, SIEM, and WAF tools.
- Threat Modeling: Models and maps cloud-native and VMware environments to simulate attack paths.
- Simulation Engine Upgrades: Merging attack telemetry with control data enables more effective simulations.
Vectra AI
Vectra AI unveiled its new MCP Server offering at Black Hat this year, designed to bring natural language access to the company’s flagship platform via Model Context Protocol (MCP). With MCP Server, users of Vectra AI’s platform can interact with it through AI agents like Cursor.
The tool is currently available in early access to all Vectra AI customers, with new releases coming soon.