If you thought cybersecurity conferences were just about patching vulnerabilities and dodging phishing attempts, RSAC 2025 shatters those expectations! This year’s event at the Moscone Center was a whirlwind of digital security, diving deep into AI threats, quantum computing and innovative solutions. With over 44,000 attendees, more than 450 sessions and 600 plus exhibitors, the conference was ablaze with energy from experts and enthusiasts alike. The theme this year centered around AI security, particularly focusing on the challenges of securing AI systems, preparing for the quantum computing era and navigating the complexities of autonomous technologies.
One of the most insightful sessions I attended was Veracode’s panel on Application Security Posture Management (ASPM), featuring CISO Sohail Iqbal and VP of Product Derek Maki. The discussion centered around a common problem in enterprise security. The fact that companies often don’t know what they have, making it difficult to assess and strengthen their overall security posture. The panel emphasized the importance of breaking down silos between subteams and applying a unified lens across applications, business context, cloud environments and data, which Iqbal referred to as the ABCDs of security. They also challenged the audience to think beyond vulnerability counts. Rather than treating every threat as equal, they encourage applying a business lens to differentiate between true risk and simple control gaps. The Veracode panelist also briefly touched on the role of AI in modern application security, highlighting their AI assisted remediation capabilities. The team shared that Veracode was recently awarded a new patent related to this work, and they hinted at upcoming research to be released in the coming months. If this panel was any indication, Veracode has their sights set on what’s next, and they are ready for what’s to come.
Aside from incredibly informative sessions, the RSAC 2025 expo floor was both dynamic and entertaining. Kiteworks embraced the “Greatest of All Time” moniker by hosting live baby goats at their booth, symbolizing their commitment to top of the line data security. Meanwhile, Orca Security’s booth became a haven for attendees who were seeking comfort, offering cuddles with rescue puppies. A heartwarming metaphor for the peace of mind their cloud security strives to deliver. The creativity across the expo floor didn’t stop there. 1Password drew crowds with the Oracle Red Bull Racing Formula 1 car, celebrating their partnership, while Torq turned heads with the legendary Grave Digger monster truck, a fan favorite that brought serious horsepower to the scene. From custom shirts and immersive demos to live magicians and an impressive spread of creative drinks and delicious food, the expo floor was electric.
While the sessions and expo delivered an unforgettable experience, some of the most impactful moments came from the one on one interviews I had with executives from standout cybersecurity companies. These conversations provided a front row seat to the strategies, challenges and the culture that is shaping the future of this industry. From secure file sharing and mobile app protection to managed services and cloud directory platforms, each company offered a unique perspective. Here’s a quick spotlight on four that truly stood out: Kiteworks, Promon, JumpCloud, and Tigunia.
Kiteworks: Building Zero Trust from the Data Outward
In my conversation with Tim Freestone, CMO at Kiteworks, I got a deeper understanding of a company doing something few others in the cybersecurity space can claim: implementing Zero Trust at the data level. This ensures that sensitive information is protected throughout its lifecycle. Their Private Content Network (PCN) unifies, tracks, controls and secures private data across various communication channels, including email, file sharing, SFTP and managed file transfer, and web forms. Kiteworks platform enforces strict governance policies, automatically applying data controls to every transaction and maintaining detailed audit logs, which helps organizations stay compliant with regulations such as GDPR, HIPAA and CCPA.
Last year, Kiteworks announced the launch of its AI Data Gateway, which provides secure and governed data access in enterprise data AI systems. The gateway addresses critical security and compliance challenges in AI adoption, allowing organizations to harness the power of artificial intelligence while maintaining strict security and compliance standards. Many thanks to Tim for taking the time to share how Kiteworks is setting the standard for Zero Trust. He also shared that they have embraced the Rule of 50, a focused push for growth, profit, and performance, placing Kiteworks in the top 1% of their field. May Kiteworks continue to expand its reach and impact in the cybersecurity landscape!
Promon: Pioneering Mobile App Security
Promon has been at the forefront of mobile application security since its origins in academic research at the University of Oslo. They helped define the Runtime Application Self-Protection (RASP) category, positioning themselves as one of the first to offer in-app protection that operates in real time against reverse engineering, tampering, and unauthorized access. I had the opportunity to speak with their leadership team, including CMO Thomas Ford, CEO Daniel Kollberg, CTO Shawn Cooney and SVP Jan Krey. The team’s backgrounds are as dynamic as their technology, ranging from Daniel’s early career at IBM to Krey’s self-taught networking skills and Shawn’s hands-on mindset of liking to “break things and put them back together.” Through it all their core message was clear, mobile security should never stand still.
The team shared some insight about Promon’s flagship product, Promon SHIELD. It is used to protect apps and provides security from the inside out, guarding against code injection, repackaging and runtime manipulation. It integrates directly into the app and works silently in the background, offering real-time protection without needing server call or connectivity. It is fascinatingly used by more than 2 billion people globally, making it a trusted name in finance, healthcare, and beyond. With new features and continued innovations Promon remains focused on evolving.
JumpCloud: Redefining Directory Services in a Cloud World
JumpCloud is on a mission to bring Active Directory into the modern era, or as CTO and Co-Founder Greg Keller put it during our conversation, “Active Directory anywhere, in the Cloud.” Designed to be the cloud native alternative to Microsoft’s legacy directory services (now rebranded as Intra), JumpCloud offers a flexible identity and access control platform that’s scalable, secure, and tailored for today’s decentralized IT environments.
The company is fully remote first, with over 1,000 employees worldwide and operational roots in Colorado. What stood out the most during my interview with Keller was not just the technology, but the culture. JumpCloud has built a strong internal support system through its Enterprise Resource Groups (ERGs), including a Women ERG and a Hispanic/Latino ERG. These resource groups aren’t just checkboxes, they’re actively involved in offering career mentorship and representation for underrepresented groups in tech. It’s clear they’re building community with the same intentionality they bring to building their secure architecture.
Tigunia: Governance in Action
Tigunia isn’t your typical IT consultancy, they bring a global, hands-on approach to business operations, cybersecurity and infrastructure consulting. Based in the U.S but operating remotely internationally, the company supports organizations with everything from project management to security frameworks, all with a practical, real world edge. I met with James Nicholas, the VP of IT, during our interview it was clear that Tigunia’s value lies in its ability to turn governance into action. The team focuses on companies running Microsoft stacks, offering risk and compliance guidance through frameworks that go beyond theory. They support remediation, implementation and continuous security improvement, often partnering with DRATA, Secureframe and Sprinto to help businesses move from manual tracking to real-time visibility.
Nicholas was proud to share that Tigunia also provides exposure to a wide variety of environments, particularly through its work with MSPs and MSSPs. By leveraging tools like the STELLAR SIEM solution, their analysts gain enhanced visibility in order to stay in agile and secure environments that are in high demand. Whether you’re consulting on infrastructure or building a GRC roadmap from the ground up, Tigunia guarantees it is field ready and built to last.
Signing off from San Francisco
From puppies and goats on the expo floor to intriguing panels and personal interviews with some of the most enhanced minds in cybersecurity. RSAC 2025 was everything I had hoped for and more. It wasn’t just about ostentatious booths or new security tools, it was about connection. The kind that happens when you talk to founders from a company that was built out of a university lab, or security leaders who are reshaping what governance looks like. Aside from attending as a reporter, I was there as a graduate student in cybersecurity and a Latina woman in tech. Taking part in RSAC meant more than just covering the latest advancements. It meant representation, access, and inspiration. These kinds of experiences are what fuel the next wave of professionals, those of us that are working hard to break into this industry and carve out a space for others like us. A heartfelt thank you to Cyber Defense Magazine for awarding me the opportunity to be in the room, ask the questions, and shine a light on the people and companies pushing this sector forward. Until next time, RSAC!
About the Author
Angela Apolinar is a Cyber Defense Magazine Reporter and Women in Cybersecurity scholarship recipient. She is a graduate student in Cybersecurity and Information Assurance at Western Governors University and holds a B.A in Psychology from California State University, Fullerton. Angela has earned multiple certifications in information technology, networking and cyber defense. She has also demonstrated exceptional leadership throughout her academic career, notably as her college’s first female Computer Science and Cybersecurity Club president. Her commitment to mentorship and education is further exemplified by her position as a Cyber Mentor and Professor’s Assistant at Cypress College.
Currently a NASA Aerospace Scholar, she is diving into the world of space exploration and technology. Through this program, Angela is gaining invaluable insights into NASA’s cutting-edge technologies, space exploration strategies, and the role of cybersecurity in protecting critical systems that support these missions.
Her dedication to cybersecurity, leadership, and mentorship roles reflect her commitment to shaping a more secure and inclusive tech landscape. As she continues to grow in her field, Angela remains passionate about empowering the next generation of women and underrepresented groups in STEM, proving that with determination and vision, the sky is truly not the limit—it’s just the beginning! Reach her online at [email protected].
