RSAC 2025: The Turning Point for AI in Enterprise Security?

RSA Conference 2025 in San Francisco was a breath of fresh air, literally and figuratively. The city felt more vibrant and welcoming, and the conference buzzed with genuine excitement. Unlike previous years, which were dominated by hype and theoretical discussions, this year’s focus was on tangible (not yet game-changing!) AI applications in cybersecurity. 

AI extended throughout the conference, from the keynotes through the track sessions and into the exhibition hall. What was different was, instead of theory and potential, there was a sense of practical application and immediacy to much of the content. 

AI-Powered SOCs 

One compelling example was Anthropic’s innovative approach to integrating their AI model, Claude, into Security Operations Centers (SOCs). I learned about this during an AWS panel discussion. In this setup, Claude autonomously oversees alert triage, log analysis, and citation generation for each decision, all under human oversight to ensure accuracy.  

This thoughtful blend of AI efficiency with human judgment mitigates common pitfalls like hallucinations or inaccurate assessments. 

Growing MCP Momentum 

Building on the momentum of MCP, both Wiz and Orca have launched their own MCP servers, enabling users to interact with their cloud security platforms through natural language queries. MCP, or Model Context Protocol, is an open standard designed to securely standardize data sharing and interoperability between AI systems and external tools, significantly simplifying integrations and enhancing operational efficiency.  

This rapid adoption underscores the industry’s shift towards AI-driven interoperability and user-friendly interfaces. 

Startups Leading AI Transformation 

The conference’s startup village further highlighted this transformative wave. New companies focused on runtime security, autonomous threat analysis, and AI-enhanced SecOps tools highlighted the promise of a vibrant and rapidly evolving landscape. Over the next 12 to 18 months, we’re likely to see exciting breakthroughs as these startups mature and scale their solutions. 

The Beginning of a Long Journey 

Yet, while these developments are promising, we must recognize where we currently stand in the broader adoption curve. Early users leaning heavily into AI solutions are predominantly in the Innovator and Early Adopter categories. These pioneers readily embrace new tech for competitive advantage, operational efficiency, and futureproofing. However, widespread adoption, crossing the chasm to the mainstream market, will require clear demonstrations of reliability, proven effectiveness, and measurable ROI to persuade the pragmatic Early Majority buyers. 

Key players (and Nucleus integration partners!) are already establishing themselves as innovators in AI-powered solutions: 

• SentinelOne: Provides advanced AI-driven endpoint protection and real-time threat detection capabilities. 
• Cycode: Offers AI-powered application security posture management. 
• HackerOne (Hai): Introduced Hai, an AI copilot enhancing vulnerability management by summarizing reports, suggesting remediation strategies, and integrating seamlessly into workflows via API. 

AI integration into cybersecurity is no longer about future potential; it’s today’s operational reality. For companies still on the sidelines, now is the moment to engage actively with these innovative technologies.  

As you evaluate these technologies, ask yourself honestly: Is this AI capability genuinely solving real-world problems for your organization? Or are you possibly dazzled by imagined solutions to issues that don’t truly exist, simply because the concept of AI feels innovative and exciting? (I’ve certainly been guilty of this myself.)  

Approach AI with curiosity but remain pragmatic and grounded in your organization’s actual needs and challenges.