Black Hat USA 2025: Picks Up Where RSA Left Off with Agentic AI Taking Center Stage
This year’s Black Hat 2025 was a powerful reflection of AI’s evolving dominance in cybersecurity. From the show floor to the keynote panels, one phrase echoed repeatedly: agentic AI.
AI Everywhere: Agentic, Autonomous, and Unavoidable
AI wasn’t just present, it was ubiquitous. Just from walking the floor, you could sense what questions were on everyone’s minds:
- How can our organization’s use of AI compromise our security posture?
- How are attackers weaponizing AI to outsmart our defenses?
- How can AI help my security operations reduce alert overload?
To say there was a lot of confusion and hype around AI would be an understatement. Many broad vendor claims were made, seeding more questions from attendees around how much autonomy do agentic systems need to have, and where are decisions made (agents or rules, or some combination). And, that’s the challenge. How do you separate the hype from reality?
Not surprisingly, this could explain why our white paper, “Understanding Agentic Security: Beyond the Hype” received so many downloads from show attendees.
Noise Cancellation
At Embed, we took a different approach. Instead of hype, we talked about one of the biggest security operations challenges, alert noise. As organizations add more tools to their security stack, more alerts are generated, adding to the deluge of alerts that SOC analysts must comb through every day.
Granted, most of these alerts are false positives, but it’s the one that slips by that keeps everyone up at night. Embed solves that problem by autonomously investigating and triaging alerts, and then giving you the alerts that matter. This results in stronger security and time given back to analysts so they can focus on more pressing matters. This clearly resonated to those we spoke to at Black Hat.
Learning, Lounging, and Lock-Picking
Beyond AI, some stand-out moments came from the creative and communal touches that Black Hat offered:
- Startup City buzzed with energy where cybersecurity startups presented, networked, and demonstrated the cutting edge of cybersecurity today.
- Bricks & Picks appeared as a fun place to hang out and build some creative Lego masterpieces. Alongside there were the hands-on lock-picking challenges that drew crowds eager to learn and pick locks under expert guidance (yes, picking locks! I wish I had time to learn, because it looked super cool).
- Meetup Lounge, nested among the hustle of the Business Hall, offered a quieter space to connect. Attendees could use the Black Hat Events app to schedule face-to-face or micro-meetings, which looked like a great idea (and a comfy place to sit down).
Other interesting spots included:
- The AI Lounge, another location to meet and greet.
- The Arsenal Labs, a hands-on, and what appeared to be very busy hacker playground with tools, targets, and real-time collaborative exploration.
- The Drone Zone, a place where attendees didn’t just talk about drone security; they hacked it, flew it, and mastered it firsthand.
Key Takeaways: Agentic AI & The Human Element
There was no shortage of AI messaging, tag-lines and AI talk, but at the end of the day, what seemed clear is the fact that:
- AI is here to stay, and it’s transformative to the cybersecurity industry. Get on the train, or risk being left behind.
- There’s a lot of confusion around AI. Trust and transparency in new AI-based systems will be critical to demonstrate and prove.
- There’s a human element to all of this, and I suspect once the dust settles, many of us will see that AI is not the panacea we expect (or fear) it to be. Reminds me of this blog, “Is AI Replacing Security Analysts? Should We Find New Careers?”
Wrap-Up: Black Hat 2025 in Perspective
The Black Hat hype around Agentic AI was tangible; no it was inescapable. Exciting, yes. Which sets high expectations to see where we will be at next year’s Black Hat.
Conference zones like Startup City, Bricks & Picks, Meetups, and Drone hacking rounded out the experience with creativity, connection, and hands-on learning. Time well spent in these spots.
The clear call to action? Build the visibility, governance, and human-controls around AI you deploy, or risk finding your defenses outmaneuvered. Now is the time for security operations teams to be looking at and implementing agentic security solutions, especially those that deliver measurable value coupled with trust and transparency.
