Are you looking for smarter insights delivered directly to your inbox? Sign up for our weekly newsletters to receive essential updates tailored for enterprise leaders in AI, data, and security. Subscribe now!
Rising Threats in Cybersecurity
Cloud intrusions have surged by 136% over the past six months, with North Korean operatives infiltrating 320 companies using AI-generated identities. The group known as Scattered Spider is now capable of deploying ransomware in less than 24 hours. However, at Black Hat 2025, the security industry showcased a promising solution: agentic AI, which provides measurable results rather than mere promises. CrowdStrike recently identified 28 North Korean operatives posing as remote IT workers, highlighting the evolution of agentic AI from a theoretical concept to a practical tool for threat detection.
Operational Readiness Takes Center Stage
While many vendors at Black Hat 2025 presented performance metrics from ongoing beta programs or fully deployed agentic AI systems, the prevailing theme was operational readiness rather than hype or theoretical claims. Chief Information Security Officers (CISOs) interviewed by VentureBeat reported the capacity to process significantly more alerts with their current staffing levels, alongside considerable improvements in investigation times. However, the extent of these gains varies based on the maturity of implementation and the complexity of specific use cases. Notably, the conversation has shifted from aspirational roadmaps to tangible real-world outcomes.
The Limits of AI Scaling
Power caps, rising token costs, and inference delays are reshaping the landscape of enterprise AI. Join our exclusive salon to learn how leading teams are:
– Transforming energy into a strategic advantage
– Designing efficient inference systems for genuine throughput improvements
– Achieving competitive ROI with sustainable AI solutions
Secure your spot to stay ahead: https://bit.ly/4mwGngO
VentureBeat is also witnessing security teams making real efficiency gains that translate into the metrics boards prioritize. These advancements include reductions in mean time to investigate (MTTI), improved threat detection rates, and enhanced resource utilization. Black Hat 2025 marked a pivotal moment where discussions transitioned from AI’s potential to its measurable impact on security operations.
The Shift Towards Agentic AI
The dialogue at Black Hat 2025 was dominated by agentic AI, with numerous sessions dedicated to how attackers can easily compromise these systems. VentureBeat noted over 100 announcements regarding new agentic AI applications, platforms, or services. Vendors are now producing concrete use cases and results, a welcome departure from the empty promises of previous years. There is a pressing need to bridge the gap between hype and actual results.
Adam Meyers, head of counter adversary operations at CrowdStrike, articulated this urgency in an interview with VentureBeat: “Agentic AI truly becomes the platform that enables SOC operators to build automations, whether they’re utilizing MCP servers to access APIs. We’re increasingly seeing organizations leverage our agentic AI to integrate with Falcon and CrowdStrike systems.” The scale of the threat necessitates this response. “When adversaries operate at that speed, you can’t afford to wait,” Meyers emphasized, referring to how some attackers can deploy ransomware in under 24 hours. “Human threat hunters must be involved, ensuring they are ready as soon as adversaries gain access.”
Enhancements in Security Technologies
Meyers revealed the scale at which these systems are now functioning: “Last year, we analyzed 60 billion hunting leads, resulting in approximately 13 million investigations, 27,000 customer escalations, and 4,000 emails sent to customers.”
Microsoft Security introduced significant improvements to its Security Copilot, adding autonomous investigation capabilities that can correlate threats across Microsoft Defender, Sentinel, and third-party security tools without the need for human intervention. Palo Alto Networks showcased Cortex XSOAR’s new agentic features, demonstrating how their platform can autonomously triage alerts, conduct investigations, and execute remediation actions within defined parameters.
Cisco made a notable announcement at Black Hat, unveiling Foundation-sec-8B-Instruct, the first conversational AI model designed specifically for cybersecurity. This eight-billion-parameter model outperforms much larger general-purpose models, including GPT-4o-mini, on security tasks while operating on a single GPU. What distinguishes this release is its fully open-source architecture, allowing security teams to deploy it on-premises, in air-gapped environments, or at the edge without vendor lock-in.