Key Lessons from Black Hat 2025
The Trident team are back from an intense week at Black Hat 2025 - where 40,000 cyber professionals took over Mandalay Bay for training, networking and more conversations about AI than you can count. While the tech was front and centre, it was clear: this event is really about the people. Some of the most valuable connections happen not in conference rooms, but at 10pm karaoke.
Over the hundreds of conversations our team had over the course of the week, some key takeaways became clear:
1. Agentic AI is here to stay
The hype phase is well and truly over. Agentic AI is now embedded in SOCs and AppSec teams across the industry - from automating Tier-1 triage and phishing takedowns to driving full-scale investigations, the “AI-powered SOC” was everywhere. With AI-driven cyber attacks surging 47% this year, topping 28 million globally, it’s certainly needed. The takeaway? The only way to fight AI is with AI.
2. The threat landscape is getting smarter
Cloud breaches are climbing, and attackers are using AI to make social engineering even more convincing. Add in the potential impact from cuts to federal cyber agencies on CNI and defence, and it’s evident that we’re heading into stormy seas. In this fast-evolving environment, getting the basics right is more important than ever. The message we heard was that before founders consider investing in the myriad of tools available, they need to get their security fundamentals in line.
3. VC money is flowing (for the right story)
The Startup Zone and Innovators Summit were buzzing. Investors are backing AI-driven security innovations across SOC automation, threat hunting, identity security, GRC automation and deception tech. Yet despite many VCs indicating they are ready to make funding decisions, with the amount of competition in the scene it’s never a given. The founders who stand out are those telling a clear, human story about why they exist, not just what they do.
4. Partnering for success
There’s a huge opportunity right now to reinvent the wheel, and the founders who are skyrocketing are the ones who are doing something unique and different with their security product. After the Innovators Summit, we took away the fact that strategic alliances are the key to launching your GTM model. Getting advisors and design partners on board to ensure you’re meeting market need is critical. With our CISO Advisory Board eager to get involved in emerging tech, we’re happy to connect up any founders looking for support.
5. Personal brands win big
The people walking away with real opportunities had built their visibility long before the show - sharing insights online, speaking on stage and networking in quieter corners. The cyber community thrives on collaboration, and those genuine, consistent connections pay off. Throughout the conference, the theme of cooperation kept coming up and the sense of camaraderie was strong. Ultimately it makes sense - people buy into people, and this is why the cyber community is so powerful.
Black Hat 2025 was a whirlwind of insight, innovation and genuine connection with some of the best people in the industry. Trident specialises in supporting early-stage, VC-backed cyber vendors, so if we missed you this year, we’d still love to catch up on all things go-to-market in cyber.
Already counting down to Black Hat 2026!
