State of Security Vendors: Blackhat 2025

2025-08-11/Andy Ellis

The 359 observed Blackhat vendors, by and large, did a decent job of making their booths tell you enough of what they did so that you could self-select who to talk to, because there isn’t enough time to talk to every vendor.  Almost 20% missed the mark: 16 vendors had no useful visible messaging and 55 had unclear messaging.

As expected, AI was everywhere (on 1 in 3 booths), and it was sometimes hard to tell exactly what a vendor meant about how they used AI.  118 vendors mentioned AI. 18 vendors appeared to be securing your AI usage, from GenAI to in-house agents (although only two mentioned MCP). 20 vendors mentioned agents/agentic, and another 20 used AI as an adjective (AI-led, AI-enhanced, etc), while 60 just mentioned AI.

The biggest space?  Code security, with 105 vendors (not including the application delivery side of the house).

Surprising absence? Deepfake detection.  Maybe all the VCs are excited about it, but only 3 vendors on the show floor advertised it … and one of them was a reseller of another.

Platforms abound! 32 vendors mentioned being some kind of platform.

Untrusted? Zero trust only appeared on 6 booths.

Read the full report:

State of Security Vendors-Blackhat 2025Download

Attend one of our workshops on Cultivating CISOs!

Posted in

Andy Ellis

CEO. A visionary technology and business executive with deep expertise in security, managing risk, and leading an inclusive culture.