Black Hat 2025 conference took place from August 2–7 2025 in Las Vegas, saw a wave of next‑gen security tools focused on AI, agentic systems, data protection, and posture management. Here are ten cybersecurity tools announced at Black Hat 2025.

10 Cool New Security Products from Black Hat 2025

Here are ten cybersecurity tools unveiled at Black Hat 2025.

1. Cortex Cloud ASPM – Palo Alto Networks

Palo Alto Networks unveiled Cortex Cloud Application Security Posture Management (ASPM), the latest expansion of its Cortex Cloud security suite. ASPM helps developers and security teams identify application security risks before deployment—enabling prevention rather than reactive remediation. Crucially, the launch includes an open partner ecosystem that consolidates third‑party AppSec scans into a single platform, integrating tools from Snyk, GitLab, Veracode, HashiCorp, Checkmarx, Semgrep and others.

2. Falcon Shield Update & Falcon Adversary Intelligence – CrowdStrike

On August 5, CrowdStrike announced an enhanced Falcon Shield integration with OpenAI’s ChatGPT Enterprise Compliance API. This enables discovery, visibility, and monitoring of internally created GPTs and Codex agents within enterprise environments. Alongside it, Falcon Adversary Intelligence now delivers personalized, real‑time adversary data to analysts, helping them understand threat actors faster and with greater precision.

3. Secure At Inception – Snyk

Snyk’s new Secure At Inception offering introduces live security scanning directly within AI coding assistants at Black Hat 2025. Using the Model Context Protocol framework, it provides real‑time vulnerability detection in GenAI components, agentic systems, and MCP‑based tools. Notably, the product includes an experimental scanner designed to catch AI‑specific MCP vulnerabilities before they become exploitable.

4. AI Guardian – Cyera

Cyera debuted AI Guardian, a suite of two complementary tools at Black Hat 2025:

• AI‑SPM delivers granular visibility into every AI asset within an organization, building a real‑time inventory of models, agents, and associated artifacts.

• AI Runtime Protection monitors behavior and data flows, responding to suspicious activity in AI workloads. This builds on Cyera’s existing DSPM and DLP capabilities to support secure AI adoption.

5. Security Posture Enhancements – Abnormal AI

Abnormal AI expanded its Security Posture Management offering for Microsoft 365. The update improves misconfiguration detection and risk prioritization across M365 environments. It also introduces intelligent remediation guidance to eliminate the need for manual auditing or scripting.

6. Agentic Risk Management Platform – Qualys

Qualys launched an AI fabric tied to its new Cyber Risk AI Agents marketplace at Black Hat 2025. It will deliver real‑time risk insights across an organization’s entire surface area. This agent‑driven framework enables risk prioritization and decision support based on business impact, enabling more effective and rapid risk reduction.

7. Zafran Detector – Zafran

Start‑up Zafran broadened its technology stack with Zafran Detector, an agentless tool for continuous vulnerability discovery. It leverages existing security telemetry (such as endpoint agents or other controls) to detect new exposures and then assesses their exploitability. Zafran positions Detector as the closing piece to its unified Threat Exposure Management platform.

8. AI Connect – Bugcrowd

Bugcrowd introduced AI Connect, facilitating secure integration of AI systems with its vulnerability intelligence feeds at Black Hat 2025. The platform ensures that AI agents can safely pull contextual vulnerability information for remediation, asset tracking, and decision‑making. Alongside AI Connect, Bugcrowd launched Asset View, which combines asset discovery, continuous scanning, and crowdsourced test results into a unified management lens.

9. Cribl Guard – Cribl

Cribl now offers Cribl Guard, enhancing data pipeline security by detecting sensitive information within telemetry data. Integrated into Cribl Stream, Guard spots regulated data such as credit cards, passport numbers, SSNs, or PII in logs and observability output—alerting or blocking as needed to support compliance and reduce risk.

10. API Revenue Protection – Wallarm

Wallarm’s new API Revenue Protection capability provides what it calls the industry’s first model to quantify how API threats impact business revenue. It identifies revenue‑critical APIs, tracks real‑time monetary flows through them, and applies advanced protections. The feature aims to help CISOs align API security with business outcomes and showcase ROI of protection efforts .

Broader Themes from Black Hat 2025

Here is what stole the spotlight at Black Hat 2025.

AI-First and Agentic Security Is Front and Center

A significant portion of the new launches—from Palo Alto, CrowdStrike, Cyera, Snyk, and Qualys—focus on securing agent‑based and GenAI systems. Products like Secure At Inception, AI Guardian, and Cyber Risk AI Agents reflect an industry shift: protecting not just human users, but autonomous AI agents, models, and code-based bots.

Data and AppSec in the Cloud Era

Several products emphasize application and data posture. Cortex Cloud ASPM enforces AppSec early in development, while platforms from Abnormal AI, Zafran, Cyera, Cribl, and Wallarm focus on securing SaaS, APIs, and live data flows. This aligns with growing priorities around cloud‑native environments and revenue‑critical services.

Automation and Workflow Intelligence

Many vendors highlighted tools that automate triage and response. CrowdStrike’s integration enables real‑time insight into AI abuse. Qualys’ AI agents and Cyera’s AI runtime protection orchestrate layered defense. Zafran Detector and Cribl Guard harness telemetry to continuously assess exploitable risk across infrastructure—all driven by agentless or low‑touch integrations.

Holistic Platforms and Partner Ecosystems

Palo Alto’s open ecosystem approach, Cyera’s convergence of DSPM and DLP with AI asset visibility, and Bugcrowd’s asset‑centric visibility paired with crowdsourced feeds show a trend toward platform consolidation, but also extensibility with best‑of‑breed partners.

Vendor Spotlight Black Hat 2025: Emerging Innovation and Market Movers

Here are some vendors that stood out at Black Hat 2025.

• Zafran stands out as a small startup expanding rapidly with Detector, positioning as a unified Threat Exposure Management provider that doesn’t rely on mass data collection.

• Cyera has deepened its platform with AI‑centric modules, giving defenders more control over AI asset inventories and runtime protection.

• Abnormal AI continues to refine posture and remediation for cloud mail environments.

• Bugcrowd’s new AI Connect leverages crowdsourced intelligence in AI workflows, and Asset View strengthens asset and vulnerability linkage.
  

Meanwhile, Palo Alto and CrowdStrike underscore a pivot to deeper, native AI understanding and governance in enterprise tools.

What It Means for Security Teams in 2025

1. Securing GenAI is now mainstream
   If your organization has rolled out any form of AI coding, agentic bots, or enterprise GPTs, you can now purchase tools specifically designed to discover, monitor, regulate, and protect these entities.

2. DevSecOps is converging with runtime posture management
   Instruments like Cortex ASPM and Secure At Inception signal that application security is moving left, while runtime tools like Cyera and Qualys bring continuous oversight—all feeding into holistic posture management.

3. Risk quantification becomes business language
   Tools such as Wallarm’s API Revenue Protection give CISOs dashboards they can share with finance or executives, converting security metrics into potential revenue impact and ROI.

4. Agentless options reduce deployment friction
   Zafran Detector and Cribl Guard show realistic alternatives for organizations that can’t deploy new agents but wish to derive posture insights from existing telemetry.
   

Conclusion

Black Hat 2025 highlighted a transformation: security products are now conceived around the protection of AI assets, agentic workflows, cloud-native data, and APIs—and packaged with automation, contextual intelligence, and business alignment at their core.

These ten emerging products—from market incumbents and challengers alike—point toward a future where the perimeter is defined not by IP ranges, but by data policies, code, APIs, and AI behavior. For security leaders, the message is clear: the focus is shifting from defending users to governing intelligent systems—and the tools are finally catching up.

Which of these newly unveiled cybersecurity products impressed you the most at Black Hat 2025? Share it with us in the comments section below.