10 Cool New Security Products Announced At Black Hat 2025

Major vendors including Palo Alto Networks, CrowdStrike and Cyera have unveiled new security tools in key categories at the Black Hat USA conference.

Black Hat 2025

For threat exposure management startup Zafran—one of the many cybersecurity vendors unveiling new security offerings at Black Hat 2025 this week—the key to developing new products for customers and partners is to never be satisfied, according to Zafran co-founder and CEO Sanaz Yashar. “I’m the hardest customer of our platform,” Yashar told CRN.

The entire focus for a security vendor, she said, ought to be on “solving the problem—and all the other stuff is distraction.” And ultimately, “if you’re completely focused—and you understand [what the] experience is that’s lacking, and you’re not going to sleep until you solve it—I think the market appreciates that,” Yashar said.

This week in Las Vegas, the Black Hat USA 2025 conference has already seen a wide array of product launches from vendors ranging in size from startups such as Zafran, to fast-growing emerging players such as Cyera, to industry giants including Palo Alto Networks and CrowdStrike. Major themes for the new security product announcements at Black Hat 2025 include protection for AI and agentic systems, data security, vulnerability management and application security.

Black Hat USA 2025 takes place this week through Thursday, Aug. 7.

What follows are the key details on 10 cool new security products unveiled so far at Black Hat 2025.

Palo Alto Networks: Cortex Cloud ASPM

At Black Hat USA 2025 Tuesday, Palo Alto Networks debuted the newest offering for its cloud security platform, Cortex Cloud, with the introduction of Cortex Cloud Application Security Posture Management (ASPM). The new ASPM tool provides protection against application security risks including prevention capabilities, which ensure that such risks are addressed prior to application deployment, Palo Alto Networks said in a news release.

In connection with the launch of Cortex Cloud ASPM, Palo Alto Networks introduced an open partner ecosystem for AppSec that aims to enable consolidation of data from third-party code scanners into a single centralized platform. Vendor partners taking part in the new ecosystem include Snyk, GitLab, Veracode, IBM-owned HashiCorp, Black Duck, Checkmarx and Semgrep, according to Palo Alto Networks.

CrowdStrike: Falcon Shield Update

CrowdStrike said Tuesday at Black Hat USA that it’s boosting AI agent security on its Falcon platform through an integration with OpenAI’s ChatGPT Enterprise Compliance API. The move enables Falcon Shield to offer improved visibility around usage of AI agents through discovery of GPTs and Codex agents that are created in OpenAI’s ChatGPT Enterprise, CrowdStrike said in a news release.

In a separate announcement at Black Hat Tuesday, CrowdStrike unveiled a new release of Falcon Adversary Intelligence that aims to deliver “personalized” adversary insight for security analysts in real time, the company said in a release.

Snyk: Secure At Inception Tools

Snyk debuted a new set of tools, Secure At Inception, this week at Black Hat that aims to provide stronger security for AI coding assistants. Leveraging the popular Model Context Protocol (MCP) framework, Snyk’s Secure At Inception offering enables security scanning that is deeply integrated and provided in real time, as well as enhanced visibility into enterprise software components that are based on GenAI, agentic and MCP technologies. In addition, the offering provides a “new, experimental scanner for detecting AI-specific MCP vulnerabilities,” Snyk said in a news release.

Cyera: AI Guardian

Fast-growing data security vendor Cyera announced its next expansion into enabling AI adoption through the launch of its new AI Guardian offering. The company said that AI Guardian includes two new products that will complement Cyera’s existing data security offerings focused on DSPM (data security posture management) and DLP (data loss prevention). The new products are AI-SPM—which offers a complete, granular AI asset inventory—as well as AI Runtime Protection for real-time monitoring and response around risks related to AI data, according to Cyera.

Abnormal AI: Security Posture Management Expansion

Abnormal AI unveiled updates to its Security Posture Management offering to boost protection for Microsoft 365 usage. The expanded capabilities include broader visibility into misconfigurations in Microsoft 365 along with greater automation for prioritizing the highest-risk threat surfaces in the Microsoft 365 environment, according to Abnormal AI. The company also introduced improved remediation guidance that aims to avoid the need for scripting or manual audits, the company said.

Qualys: Agentic Risk Management Capabilities

Qualys unveiled a new set of agentic AI-powered risk management capabilities in connection with Black Hat USA 2025, which seeks to enable faster decision-making and more effective outcomes when it comes to risk reduction, the company said. The launch of Qualys’ new “AI fabric” includes a Cyber Risk AI Agents marketplace that can provide “real-time risk insights across all attack surfaces, prioritized by business impact,” the company said in a news release.

Zafran Detector

Threat exposure management startup Zafran said at Black Hat USA that it’s launching a new agentless tool for continuous discovery of vulnerabilities. The new Zafran Detector offering utilizes existing agents and other security controls in order to discover new vulnerabilities, the company said. The tool then assesses whether the detected vulnerabilities are actually exploitable, Zafran said. The launch of Zafran Detector ultimately “completes the company’s unified Threat Exposure Management Platform,” the startup said.

Bugcrowd: AI Connect

At Black Hat USA Tuesday, crowdsourced cybersecurity platform Bugcrowd unveiled a new offering aimed at enabling secure integration of AI systems with the company’s real-time feeds of vulnerability data. The new AI Connect capability “ensures data stays secure while enabling AI agents to deliver contextualized, trustworthy remediation guidance,” the company said in a news release. Bugcrowd also debuted its new Asset View capability that brings together asset discovery and management with scanning and offensive testing.

Cribl Guard

Cribl, which provides a vendor-agnostic data engine for observability and other functionality, said this week that it now offers improved detection and protection for sensitive information in telemetry data. The new Cribl Guard capability “empowers operators to proactively detect and protect sensitive data, reducing risk [and] ensuring regulatory compliance,” the company said in a news release. The offering bolsters the company’s observability pipeline, Cribl Stream, by detecting sensitive data including credit card numbers, passport information and Social Security numbers in the system, the company said.

Wallarm: API Revenue Protection

API security vendor Wallarm said Tuesday at Black Hat that it’s now offering what it called the industry’s “first-ever” capability that can quantify how API security can impact a customer’s business. The API Revenue Protection capability “empowers CISOs to become strategic business partners by quantifying how attacks impact revenue, disrupting attacker economics, and demonstrating financial ROI,” Wallarm said in a news release. The new offering includes automated identification of APIs that are considered “revenue-critical” as well as real-time insight into the revenue that is flowing through APIs and “advanced” threat protection, the company said.