Many companies are showcasing their cybersecurity products and services this week at the 2025 edition of the Black Hat conference in Las Vegas.
To help cut through the clutter, the SecurityWeek team is publishing a digest summarizing some of the announcements made by vendors at Black Hat USA 2025, including new products and services, updates to existing offerings, reports, and other initiatives.
This is part two of the roundup. The first part covers announcements made in the days leading up to the event, as well as some of the announcements made on Monday, August 4.
1Password study
1Password has announced new findings from a survey of North American security leaders on AI usage and emerging threats. Nearly two-thirds (63%) of security leaders feel the biggest internal security threat is their employees unknowingly giving AI agents access to sensitive data. Additionally, 50% say their organizations have experienced a confirmed or suspected cyber incident caused by AI or AI agents in the last six months.
Arctic Wolf announces new integrations
Arctic Wolf has announced new integrations with Microsoft, Oracle, OneLogin, and CyberArk. These new integrations expand the platform’s openness and flexibility, enabling organizations to address the challenges of fragmented security tools and increasingly dynamic environments.
AttackIQ launches Watchtower
Adversarial exposure validation firm AttackIQ has launched Watchtower, an AI-powered threat intelligence analyzer designed to provide visibility into the threat actors actively targeting enterprises. AttackIQ Watchtower hyperlocalizes threat intelligence and generates tailored emulation scenarios to deliver contextual insights.
Black Duck unveils enhancements to application security assistant
Black Duck Software has announced enhancements to Duck Assist, its AI-powered application security assistant. The new capabilities bring automated security scanning for AI-generated code and AI-driven code fixes directly into developer environments.
Cyware launches open source AI integration server
Cyware unveiled a major expansion to its AI-powered threat intelligence ecosystem with the launch of Cyware Model Context Protocol (MCP) Server, an open source capability that enables security teams to connect LLMs and AI assistants directly into their threat intel and automation workflows. The new MCP Server supports natural language-driven actions and investigations using secure AI agents, seamless integration with customer-owned LLMs, and full context and control across detection, enrichment, and response.
Darktrace cyber threat landscape report
Darktrace released a retrospective of the first six months of 2025, highlighting key trends across the threat landscape. Darktrace observed a wide range of tactics during this period, used by various types of threat actors, including APTs, Malware-as-a-Service (MaaS) and Ransomware-as-a-Service (RaaS) groups.
Flashpoint releases new AI search and investigation capabilities
Threat intelligence firm Flashpoint has released two new AI-powered capabilities for its flagship platform Flashpoint Ignite: AI Summarization for Search and AI Summarization for Investigations. AI Summarization for Search distills thousands of posts into clear, actionable insight in seconds. AI Summarization for Investigations is an automation that transforms investigations from an evidence-collection point into a dynamic, insight-generating engine.
Menlo launches Secure Storage
Menlo Security launched Menlo Secure Storage and Menlo Adaptive Web Modules. These two new offerings are designed to give organizations greater control over user experiences and sensitive data. Menlo Secure Storage allows users to upload and download files between trusted applications without saving anything locally. Menlo Adaptive Web Modules is a suite of cloud-based browser controls that gives organizations fine-grained control over how users interact with web content.
NetRise platform update
Software supply chain security firm NetRise has introduced a significant update to its core product platform to help users prioritize, mitigate, and remediate vulnerabilities found in the software they develop. New features include context on whether a vulnerability is reachable, SBOM editing, fix version data, and platform re-architecture.
Netskope expands platform
Network security company Netskope has unveiled two platform advancements. Netskope One Copilot for Private Access is an AI-powered assistant that optimizes universal zero trust network access deployment. Netskope Model Context Protocol (MCP) server, currently in preview, provides a secure bridge that enables LLMs like Microsoft Copilot, Claude Desktop, Google Vertex and Amazon Bedrock to interact directly and safely with Netskope APIs, enabling LLMs to gain context from a customer’s Netskope environment.
PointGuard AI expands platform
AI security and governance firm PointGuard AI announced an expansion of its platform to provide AI discovery, threat correlation, and protection across the full AI stack. The platform now scans GitHub and other source code repositories to identify AI-related components including models, datasets, notebooks, API calls, and libraries, along with connections to external applications or data sources.
Reveal Security unveils platform
Identity security company Reveal Security has launched the Reveal Platform, which provides complete visibility into identity actions, both human and non-human, across all SaaS, cloud, and custom applications. This complete view gives security teams the ability to preemptively take action before a security incident or breach occurs.
SandboxAQ launches AQtive Guard Protect
SandboxAQ announced AQtive Guard Protect, a solution designed to secure the full lifecycle of non-human identities and cryptographic assets. The solution provides deep observability into machine identities across multi-cloud, hybrid, and containerized environments. It also provides automation to reduce the overhead of managing and rotating secrets, as well as last-mile governance to ensure high-risk credentials don’t slip through the cracks.
Semperis offering protects highly targeted non-human identities
Semperis launched Service Account Protection Essential, a new edition of its Directory Services Protector, designed to tackle one of the most persistent threats in Active Directory environments: service accounts. The new tool helps organizations identify service accounts, build an inventory, and continually monitor them for security vulnerabilities. It also discovers unknown and misplaced service accounts, identifies risky configurations and critical exposures, detects stale and misconfigured accounts, and alerts on malicious and anomalous behavior.
SOCRadar launches agentic threat intelligence platform
SOCRadar launched SOCRadar Agentic Threat Intelligence, a new platform that automates threat intelligence through the deployment of autonomous AI agents that proactively detect, analyze, and respond to external threats with minimal human intervention.
XM Cyber integration with Google Cloud
XM Cyber announced that its Continuous Exposure Management (CEM) platform is now fully embedded into Google Security Operations, including its cloud-native SIEM and SOAR. This gives enterprises real-world exposure data to enrich threat detection—helping SOC teams cut through noise and act faster.
Xona platform update
Secure access solutions provider Xona announced the general availability of Xona Platform v5.4.2, a major update that extends centralized control, scalable auditability, and unified policy enforcement across globally distributed operational environments.
ZEST Security adds AWS Service Control Policies
ZEST Security announced the addition of AWS Service Control Policies (SCPs) as part of its broader exposure mitigation offering. This gives security teams a new, code-free way to proactively block attacker activity and reduce cloud exposure. By adding SCPs into its mitigation offering, ZEST is allowing security teams to proactively limit attacker activity and reduce exposure without waiting on patches and code changes.
