Vendors at this week's RSA Conference in San Francisco are rolling out agentic artificial intelligence infusions embedded in cybersecurity platforms, new AI firewalls, cloud protection tools and other products that aim to stay ahead of cyber espionage trends.
About 42,000 people from 142 countries are reportedly attending the annual event – one of the world's largest cybersecurity events. Big names, including SentinelOne, CrowdStrike, Akamai Technologies, and innovative shops like X-PHY Inc. and Bugcrowd are showcasing how they are using machine learning to protect organizations against cyberattacks.
Acquiring novel AI security tech
Santa Clara, California-based Palo Alto Networks announced Monday that it has agreed to acquire Protect AI and its security technology to advance and accelerate the Prisma AIRS AI security platform.
With the addition of Protect AI's tools, Palo Alto's customers will be able to build AI applications with comprehensive security, according to Anand Oswal, senior vice president and general manager at Palo Alto Networks.
"As AI-powered applications become core to businesses, they bring risks traditional security tools can't adequately handle," Oswal said in a statement.
Protect AI CEO Ian Swanson, his cofounders and the company's employees are expected to join Palo Alto Networks when the deal closes, which the company estimates will happen in the first quarter of 2026.
Responding like an advanced analyst
SentinelOne said Tuesday that it has extended its native agentic capabilities, called Purple AI, to third-party security information and event management platforms and data lakes to accelerate end-to-end threat detection and response.
The AI "Athena" release automatically supports overstretched security operations teams by automating and speeding up triage and investigation with deep security reasoning, the company said.
"AI and automation have long held the promise of fundamentally transforming security operations and supercharging analysts to detect and respond – at machine speed – to threats from even the most sophisticated nation-state adversaries and cyber criminals," Tomer Weingarten, the company's cofounder and CEO, said in the announcement.
Purple AI’s Auto Triage jumps on alerts to determine threat identification for prioritization.
Combining on-prem and multi-cloud view
CrowdStrike unveiled its latest data protection innovation designed to stop encrypted file exfiltration, generative AI data leaks and software-as-a-service misconfigurations.
The company said Falcon Data Protection closes critical gaps that attackers exploit to steal sensitive data by providing runtime protection for cloud data at rest and in motion and eliminates the need for separate security tools for endpoint and cloud systems.
"Legacy data protection approaches fail because they're fragmented across environments, blind to encrypted exfiltration and incapable of stopping threats in real time," Elia Zaitsev, CrowdStrike chief technology officer, said in a statement.
CrowdStrike said the new security product is the security industry's first encrypted exfiltration prevention tool. It inspects sensitive data within encrypted archives like 7zip files as an attacker creates them and blocks data theft before files are locked and exfiltrated.
Stopping nefarious prompts and scrapes
Akamai, the Cambridge, Massachusetts-based cybersecurity and cloud computing company serving numerous industries, introduced multilayered protection for AI applications against unauthorized queries, adversarial inputs and large-scale data-scraping attempts on Tuesday.
The company said the new Firewall for AI protects generative AI from prompt attacks, harmful outputs and data exposures to keep organizations in compliance with privacy regulations, their use of generative AI safe and shield their intellectual property.
"Securing AI applications isn't just about blocking attacks, it's about enabling innovation without compromising security or performance," said Rupesh Chokshi, senior vice president and general manager of application security at Akamai, in a statement.
The new tool can be integrated via Akamai's edge platform or secure AI applications in any environment through REST API.
Enclosing off-the-shelf AI
Fortanix said it is previewing its genAI platform, Armet AI, at the 2025 RSA Conference.
The platform boxes every stage of the generative AI application process, from data access, ingestion and vectorization to LLM inference and response handling, within secure hardware enclaves to prevent unauthorized access to and alteration of data.
"Generative AI has the power to transform every industry, but only if it can be trusted," Anand Kashyap, Fortanix CEO and founder, said in a statement.
Because enclaves allow code and data to run in complete isolation from the rest of a system, developers do not have to choose between innovation and security, the company said.
Detecting deepfakes in real-time
Healthcare workforces are already experiencing deepfakes and need to prep, ChristianaCare CISO Anahi Santiago said ahead of her appearance at last year's HIMSS Healthcare Cybersecurity Forum.
Deepfakes pose risks in fraud, misinformation and impersonation attacks, but X-PHY, a developer of autonomous endpoint protection, said Monday that its new tool empowers enterprises to verify content integrity, protect brand reputation and mitigate insider threats.
X-PHY unveiled at RSA its real-time deepfake detection tool, which analyzes facial and voice anomalies using embedded Al algorithms and provides offline detection of synthetic media, the company said in a statement.
Releasing Red Team-as-a-Service
RTaaS brings the scale and flexibility of crowdsourcing to red teaming to help security leaders proactively identify new attack vectors and reduce risk by conducting, according to a blog post Monday by Bugcrowd.
Because red teaming is underutilized, the company said it is now offering three tiers of engagement through its platform.
The basic tier includes a full-spectrum attack simulation and delivers a final report with detailed findings and remediation guidance. The second tier is a blended approach for organizations that want to test continuous red team assessment and offers the addition of bug bounty-style testing, the company said. The third tier is continuous RTaaS.
"Traditionally, red teaming was only possible for large organizations that could either afford the services of security consultants or had a sizable security workforce to manage the workload alongside daily operations – and even then, findings were too often not actionable," Dave Gerry, Bugcrowd CEO, said in a statement.
Andrea Fox is senior editor of Healthcare IT News.
Email: afox@himss.org
Healthcare IT News is a HIMSS Media publication.
