RSA Conference 2025: Emerging Trends and Key Insights | WhoisXML API
Products APIs Data Feeds Web Tools Domain Research & Monitoring Enterprise Packages
WHOIS / WHOIS History
WHOIS / WHOIS History

Provide current and historical ownership information on domains / IPs. Identify all connections between domains, registrants, registrars, and DNS servers.

DNS / DNS History
DNS / DNS History

Look into all current and historical DNS / IP connections between domains and A, MX, NS, and other records. Monitor suspicious changes to DNS records.

IP Geolocation / IP Netblocks
IP Geolocation / IP Netblocks

Get detailed context on an IP address, including its user’s geolocation, time zone, connected domains, connection type, IP range, ASN, and other network ownership details.

Domain Research Suite (DRS)
Domain Research Suite (DRS)

Access our web-based solution to dig into and monitor all domain events of interest.

Domain Research Suite (DRS)
Domain Research Suite (DRS)

Get access to a web-based enterprise-grade solution to search and monitor domain registrations and ownership details for branded terms, fuzzy matches, registrants of interest, and more.

Research
Monitoring
White-Label
Predictive Threat Intelligence Feeds
Predictive Threat Intelligence Feeds

Predictive threat intelligence is your best first line of defense. Subscribe to the feeds to strengthen your cybersecurity posture. Contact us today for more information.

WhoisXML API Internet Infrastructure
Internet Infrastructure

Unlock integrated intelligence on Internet properties and their ownership, infrastructure, and other attributes.

Enterprise API Packages
Enterprise API Packages

Our complete set of domain, IP, and DNS intelligence available via API calls as an annual subscription with predictable pricing.

Security Intelligence (SI) Suite
Security Intelligence (SI) Suite

Offers complete access to WHOIS, IP, DNS, and subdomain data for product enrichment, threat hunting and more.

Multi-Level API User Administration Now Available - Manage individual API keys for team members in your organization.

Learn More
×
Contact Us
Read other articles Download PDF

RSA Conference 2025: Emerging Trends and Key Insights

RSA Conference 2025: Emerging Trends and Key Insights

The RSA Conference held in San Francisco from 28 April to 1 May 2025 attracted a record-breaking 41,000 attendees, and we’re thrilled to say that WhoisXML API representatives were among them. The global cybersecurity gathering featured 413 sessions and 656 exhibitors, all offering valuable insights into emerging cybersecurity trends—evolving threats, cutting-edge solutions, and industry best practices.

In this post, we’ll recap the recurring themes and key trends from the event and highlight the most impactful insights that will continue to shape organizations’ cybersecurity strategies.

AI in Security

AI was not just a topic of discussion but dominated product announcements, demonstrations, and keynote sessions. It’s clear that AI is increasingly being adopted as a core security driver for detecting and mitigating advanced threats, with many vendors relying on the technology to augment security operations and address increasingly sophisticated threats.

A significant number of new exhibitors, for instance, mentioned that they leverage AI for various security functions, including threat detection and response, vulnerability analysis, compliance automation, and even securing other AI applications.

Several speakers also tackled the dual role of AI. Sandra Joyce, VP of Google Threat Intelligence, presented a data-driven assessment of the impact of AI in cybersecurity, both today and in the future. She also offered some practical applications of AI in cyber attacks and defense.

Tomer Weingarten, CEO & Co-Founder, SentinelOne, also talked about the power of AI, but focused more on how it can augment human capabilities, specifically in SecOps and SOC workflows. He said, “The irreplaceable intuition and ingenuity of humans plus the relentless scale, precision, and speed of AI—these are the capabilities that we need to bring to bear through every layer of security. And security operations will then be completely reshaped.”

Identity and Access Management

RSAC 2025 revealed how organizations are reprioritizing identity security, with several solutions focusing on managing and securing digital identities, including the growing number of "nonhuman" identities associated with devices, servers, applications, and agentic AI.

Since traditional IAM is no longer sufficient, organizations need all the help they can get to answer the question, “Who can take what action on our data?” They should be able to control access to resources and automate access reviews, since forging or stealing an identity has helped data theft and ransomware become effective. In fact, attackers have even successfully bypassed MFA in adversary-in-the-middle (AiTM) attacks and other similar threats. 

With threats like that to identity and access, it’s no wonder that another trend that emerged across several discussions was passwordless authentication techniques, with Capital One being one of the organizations espousing it. The company’s Chief Technology Risk Officer, Andy Ozment, headed a session where he talked about how the financial institution has gone passwordless, the challenges they faced, and their key learnings.

RSA CISO Rob Hughes echoed the same sentiment toward passwordless authentication, advocating the transition from fewer passwords to passwordless, and demonstrating how passwords endanger organizations. He also shared why passwordless authentication must be part of an organization’s identity security life cycle.

Data Security and Privacy

Data security was also one of the recurring themes among first-time exhibitors, with several of them offering solutions for discovering, classifying, protecting, and ensuring the privacy of sensitive data across its life cycle.

In line with this are concerns about data breaches and ransomware, which is why several sessions also focused on secure storage and data immutability. These concerns aren’t unfounded—one session talked about research that uncovered how developers could unknowingly expose company secrets to attackers.

One of the culprits putting data security at risk could be the increasing use of low-code, no-code development tools, especially since adversaries are increasingly targeting software development platforms like IDEs, low-code environments, and code repositories. 

Home networks aren’t safe either—there are many hidden risks in home tech stacks that need to be addressed, not only to secure personal data but also to protect the organizations of those working remotely.

Whether at home or at work, it’s clear that data security and DLP are essential, and tech companies like Meta are taking the lead on developing modern data security approaches. Meta Security Engineer Robin Franklin Guha shared how the company developed a multistage classification engine that analyzes and classifies unstructured text data. This engine leverages a combination of ML techniques and Meta's Llama large language model to identify and categorize sensitive information within files stored on their internal platforms.

Cloud Security

The RSA Conference brought to light some threats to cloud security that piqued our interest. One was shared by Eric Johnson, an instructor at the SANS Institute, where he discussed how Kubernetes misconfigurations and application exploits can allow attackers to extract pod credentials and establish cloud persistence.

There was also a session on a forthcoming Cloudpocolypse—a situation where smarter threat actors, increased cloud adoption, and government attention can potentially create confusion about who is responsible for cloud security.

These threats to cloud security demand advanced security approaches, especially as organizations migrate more workloads to the cloud. A prime example of such an approach was MongoDB’s real-world implementation of AI-driven security measures tackled by the CSO of Bedrock Security in a session called “Harnessing AI to Enhance Cloud Security While Addressing New Attack Vectors.”

In line with this, the Cloud Security Alliance sponsored a session on “Transformation: Ushering in the Next Generation of Cybersecurity,” where representatives talked about the impact of AI on cloud security and how this helped shape the next generation of cybersecurity. And this was evident in specialized solutions for securing cloud environments showcased by first-time exhibitors. The solutions included those focusing on cloud-native security, cloud data protection, and security posture management for cloud deployments.

Threat Intelligence, Detection, and Response

Another prominent theme across several sessions and product demonstrations was the need for solutions and services that provide actionable threat intelligence, automate threat detection, and streamline incident response. The integration of AI into these solutions also emerged as a notable trend, with several speakers highlighting the need for threat intelligence to keep up with sophisticated threats.

For one, the increasing cases of brand impersonation require the use of AI to detect new domain registrations and fraud networks. Some organizations are looking into visual recognition technology to combat social media impersonation and protect brands.

Security approaches need to evolve, too. Mark Thurmond, Co-CEO of Tenable, said in his keynote speech, “To stay ahead, exposure management has to evolve into a self-driving system, not just detecting and prioritizing risks, but ultimately validating and remediating them at scale.”

Even blocking network threats, including suspicious and malicious domains, now requires a multilayered strategy that leverages real-time threat detection powered by ML and AI.

About WhoisXML API

WhoisXML API is a seasoned OEM data provider specializing in delivering well-parsed, normalized, and comprehensive WHOIS, IP, and DNS intelligence. With more than 15 years of industry experience, we have amassed a vast repository of data, encompassing 23.8+ billion historical WHOIS records, 50+ billion hostnames, 116+ billion DNS records, 10.5+ million IP netblocks, and 99.5% coverage of all active IPv4 and IPv6 addresses.

We offer a wide range of Internet intelligence solutions that serve as a robust foundation for leading cybersecurity products and services, empowering businesses to enhance their cybersecurity posture, gain deeper insights, and focus on core product development. 

Trusted by 52,000+ satisfied customers spanning cybersecurity, marketing, law enforcement, e-commerce, and financial services, WhoisXML API has consistently been recognized for its rapid growth and innovation, earning accolades as an Inc. 5000 honoree and a Financial Times Top Fastest-Growing Company.

Feel free to contact us to learn how our DNS, domain, and IP intelligence sources can empower your security solutions.

Related posts
Read other articles Download PDF
Try our WhoisXML API for free
Get started