The last time I attended a Black Hat USA conference in 2023, there were a couple of noticeable trends. One was that AI was suddenly everywhere. ChatGPT had exploded into the public consciousness at the end of 2022 and was quickly labeled as the most transformative technology in a generation. Cybersecurity vendors rushed to jump on the bandwagon. Whether it was clearly explained by vendors or understood by customers how AI was being integrated into their offerings at that point was a different story. But seemingly every company at Black Hat hoped to capitalize on it.
In 2025, AI was still a major theme at Black Hat. In a sign of how far both AI technology and usage have evolved in just two years, AI – especially agentic AI – was treated as both a powerful tool and a threat vector. Numerous vendors highlighted how their tools and platforms leverage agentic systems to unify, simplify, streamline and automate cybersecurity operations. In fact, in Startup Alley, it was possible to stand in one spot and see three booths with companies claiming to be the first agentic AI platform for the SOC. (As an aside, one thing that always strikes me at large, sector-specific technology trade shows is often how hard it is to tell one company apart from another by their marketing taglines…)
There were also a number of vendors selling solutions to protect companies from data leaks and other vulnerabilities stemming from the unauthorized use of LLMs like ChatGPT, Claude, etc. by employees. It seems like “shadow AI” is becoming as big of a security headache as “shadow IT.”
In 2023, Zero Trust was another common theme. While not a new concept by any means (the term was first coined in the 1990s while the concept of a Zero Trust Architecture was broadly popularized by an analyst at Forrester Research around 2010) many vendors were still building their products and marketing around it.
Maybe it’s just because the industry has (finally) completely internalized the idea that a perimeter-based approach is completely inadequate to today’s security threats, but there were noticeably fewer vendors centering their marketing around Zero Trust this year. It’s just part of the firmament now.
Another interesting trend at Black Hat was the evolution of the cloud security space. In 2023, a number of established cloud security vendors were scrambling to catch up to Wiz, which launched out of stealth in 2020 with a huge $100 million series A. From there it went on to become one of the fastest growing software companies of all time, hitting $100 million in ARR in just two years and a $10 billion valuation with a $300 million Series D in 2023. Combining an all-in-one platform that integrates posture, workloads, identity, data, runtime security and compliance with agentless deployment, Wiz essentially pioneered the CNAPP (Cloud Native Application Protection Platform) market. But its recent acquisition by Google for $32 billion has given some new life to competitors who can play on enterprise customer fears of lock-in or the gradual erosion of Wiz’s cloud neutrality. It also puts pressure on AWS and Azure to make a corresponding move. Look for more M&A here.
And then, of course, there is the fun stuff. Black Hat is always a great forum for companies to show some marketing originality. From furries, to robot dogs to real F1 race cars, there were a lot of creative ideas, booths and giveaways. (I will definitely be wearing the PacMan socks I snagged…)
What were your takeaways from Black Hat? And, of course, if your company went and didn’t get the media attention you were hoping for, get in touch.