Many firms are showcasing their cybersecurity services and products this week on the 2025 version of the Black Hat convention in Las Vegas.
To assist minimize by means of the muddle, the SecurityWeek crew is publishing a digest summarizing among the bulletins made by distributors at Black Hat USA 2025, together with new services and products, updates to present choices, studies, and different initiatives.
That is the fourth and closing roundup. You may as well take a look at the primary, second and third half.
Irregular AI updates safety posture administration product
Human conduct safety agency Irregular AI has expanded its steady safety posture administration resolution to cowl Microsoft 365 environments. The add-on repeatedly detects misconfigurations throughout customers, apps, and tenants, and helps organizations prioritize points and offers them with remediation steering.
Black Kite launches Adversary Susceptibility Index (ASI)
Third-party danger intelligence agency Black Kite has launched Adversary Susceptibility Index (ASI), a product designed to assist danger administration groups establish which distributors of their ecosystem are most susceptible to particular risk actors. Capabilities embody risk actor intelligence for suppliers, vendor sorting by susceptibility, trade and geography-aware danger, and proactive vendor engagement.
CalypsoAI unveils upgraded solutionsAdvertisement. Scroll to proceed studying.
CalypsoAI, which makes use of ‘agentic warfare’ to check and safe AI purposes, has introduced upgraded variations of its Inference Defend and Purple-Staff options. Purple-Staff now incorporates Agentic Fingerprints, a function that provides prospects observability into how assault brokers behave. Defend now contains End result Evaluation, a brand new function that gives clear visibility into why prompts and responses are flagged or blocked.
CyberProof enhances Publicity & Protection Administration capabilities
CyberProof has rolled out enhancements to its Publicity & Protection Administration capabilities and introduced the introduction of cyber asset Property Administration. The brand new threat-led protection capabilities allow organizations to prioritize threats and dangers extra successfully, and optimize defenses for sooner response. Property Administration is a functionality that provides organizations the flexibility to streamline the invention of all property throughout hybrid environments.
Drata unveils AI agent for vendor danger administration
Drata has launched an AI agent for vendor danger administration, geared toward remodeling how safety and GRC groups handle belief. Drata leverages AI to create dynamic, autonomous belief administration that adapts in actual time and delivers ongoing validation of safety, compliance, and danger.
Fenix24 publishes report on legislation agency cybersecurity
Fenix24 and the Worldwide Authorized Know-how Affiliation (ILTA) have launched their newest joint report, Safety at Problem: 2025 State of Cybersecurity in Regulation Companies. The report provides a deep dive into the present cybersecurity practices, gaps, and dangers dealing with authorized organizations. A survey confirmed that phishing is the principle concern on this sector, cited by 50% of respondents. The report’s key findings additionally give attention to backups, MFA, safety confidence, exterior assessments, and main weaknesses.
HPE expands cybersecurity, resiliency and compliance options
HPE has expanded its cybersecurity, resiliency and compliance options as a part of its Aruba and Juniper safe networking portfolio. The corporate has superior community safety with a brand new SASE copilot for HPE Aruba Networking EdgeConnect. As well as, HPE Aruba Networking Central NAC expands zero belief coverage enforcement to HPE Juniper Networking and third-party gadgets. HPE additionally unveiled the Alletra Storage MP X10000 knowledge safety resolution, and HPE Zerto Software program, which provides a brand new integration hub to allow third-party purposes to entry HPE Zerto knowledge. CrowdStrike is the unique integration launch companion.
Minimus product enhancements
Safe container pictures supplier Minimus introduced new product enhancements, together with built-in Vulnerability Exploitability eXchange (VEX) help, new compliance dashboards and views, hardened helm charts for safety deployment, and integration with Microsoft for Single Signal-On (SSO).
Pentera provides new assault floor testing capabilities
Automated safety validation agency Pentera has launched AI-powered Internet Assault Floor Testing, that includes AI-driven payload technology and adaptive testing logic to emulate refined threats. The addition will allow extra context-aware and adaptive assault emulation, serving to safety groups validate their talents towards AI-assisted threats.
Push Safety introduces Phishing Detection Evasion Methods matrix
Browser-based detection and response agency Push Safety has printed a Phishing Detection Evasion Methods matrix, a useful resource designed to assist safety groups visualize and counter real-world identification threats by mapping TTPs throughout each part of the phishing lifecycle, and offering real-world examples.
RedSeal publicizes new merchandise
Publicity administration agency RedSeal launched Threat Radius, a danger prioritization and affect evaluation resolution designed to assist safety groups establish and remediate harmful exposures. The corporate additionally unveiled RedSeal One, an AI-enabled publicity administration platform designed to assist organizations scale back danger, streamline operations, and strengthen resilience throughout hybrid environments.
Sophos companions with Halcyon and Rubrik
Sophos introduced a partnership with Halcyon for real-time risk intelligence sharing and implementation of anti-tamper protections so every platform can monitor and safeguard prospects towards ransomware. Sophos additionally introduced a partnership with Rubrik to create an MDR-optimized Microsoft 365 backup and restoration resolution. Sophos stated these partnerships will allow better resiliency to cease assaults in progress and speed up restoration when an assault happens.
SpyCloud enhances investigations platform
SpyCloud rolled out an AI-powered improve to its investigations platform. The brand new device mirrors the tradecraft of elite cyber investigators, serving to safety and fraud groups automate and speed up complicated cybercrime investigations to floor insider threats. It quickly correlates breach, malware, and phishing knowledge with behavioral alerts from contaminated gadgets, producing completed intelligence in seconds.
Sysdig launches agentic cloud safety platform
Sysdig launched an agentic cloud safety platform that leverages autonomous AI brokers to research cloud environments for dangers and threats. A totally built-in AI cloud safety analyst named Sysdig Sage understands context from the whole enterprise and offers contextual remediation suggestions.
Tenable unveils new resolution for securing enterprise AI
Tenable introduced a serious enlargement of its publicity administration platform to safe the dangers launched by generative AI within the enterprise. Tenable AI Publicity is a complete resolution that gives an end-to-end method to see, handle, and management the dangers launched by generative AI. The answer’s capabilities embody complete AI discovery, AI publicity administration, and governance and management.
Tuskira upgrades Agentic AI Workforce
Autonomous safety operations platform Tuskira has enhanced its Agentic AI Workforce, including AI-powered risk investigation, preemptive remediation and response, application-aware protection, and an upgraded simulation engine.
Vanta publicizes partnership with XBOW
Vanta introduced a partnership with XBOW to carry autonomous AI pentesting on to its platform. The brand new capabilities allow organizations to run automated penetration exams with out the necessity for out of doors consultants, and launch and full exams instantly inside Vanta’s platform, streamlining testing into present safety and compliance workflows.
Vectra AI launches MCP server
Vectra AI has launched a Mannequin Context Protocol (MCP) Server, which is out there as early entry for all prospects. MCP allows integration between AI brokers and different purposes, and Vectra says its MCP server makes it simpler for safety groups to analyze threats and take motion.
Zimperium publishes report on cellular infostealers
Zimperium has printed a brand new report on cellular infostealers. The report focuses on 5 malware households: TriaStealer, TrickMo, AppLite, Triada, and SMS Stealer. The corporate discovered over 2,400 variants throughout 69 nations, with Southeast Asia recognized as a serious hotspot for infections. Essentially the most impacted industries have been finance, retail, and software program.
