RSA Conference 2025 was nothing short of a spectacle, or as our COO and Co-founder, Sethu, calls it, a "cool kids' party." From start-ups to MNCs, students to seasoned architects, the event brought together the cybersecurity ecosystem with one dominant conversation: How AI is transforming security from reactive to proactive.

While many vendors showcased AI capabilities, conversations with CISOs and security leaders revealed a critical gap: they need AI that delivers tangible outcomes, not just more alerts.

At Zluri, we've been building precisely that through our VIA framework—Visibility, Intelligence, and Action. This comprehensive approach gives organizations complete visibility into their identity landscape, transforms real-time data into actionable intelligence, and enables automated remediation through no-code workflows. Here's what we learned from our hundreds of conversations at RSA.

The Rise of Non-Human Identities: Managing the Machine Majority

This year's RSA Conference highlighted a critical shift in identity management: non-human identities now vastly outnumber human users across enterprise environments. Machine identities—including AI agents, service accounts, certificates, keys, and access tokens—are proliferating at an unprecedented rate.

2025 is the year when machine identities outnumber humans by 45:1. Yet, most organizations still govern access with tools built for on-prem HR directories.

The management of these autonomous AI agents was a significant concern addressed throughout the conference. Without proper safeguards, these agents could inadvertently cause data breaches or misuse credentials. Security vendors emphasized the need for distinct identity and security measures for non-human entities.

Shadow IT and Shadow AI: The Unseen Threats

As expected, Shadow IT remains a significant challenge, but a new threat has emerged: Shadow AI. On the application front, over 60% of IT resources in a typical organization exist as either unmanaged or shadow IT. Visibility into organizational technology stacks is further diminishing at an accelerated pace with the widespread adoption of AI applications. Several CISOs expressed frustration with the challenges of detecting and addressing unauthorized technologies within their environments.

IT and security leaders were particularly intrigued by Zluri’s Patented Discovery Engine which uncovers all identities, applications and access risks in your ecosystem unlike traditional IGA tools which primarily depend on identity providers (IdPs), HR management systems (HRMS), and pre-existing application connectors, resulting in an incomplete view of application access.

Identity as the Cornerstone of Security in a SaaS World

In the session "Identity: The Last Bastion of Security Control in a SaaS World," experts discussed the pivotal role of identity in risk management and security control strategies. As enterprises increasingly rely on SaaS applications, ensuring secure and efficient identity and access management becomes critical. The session highlighted how attackers are targeting the identity stack, necessitating a reevaluation of identity strategies to protect against data theft, ransomware, and system compromises. In today's cloud-first environment, identity has become the primary security perimeter.

Zluri goes a step beyond traditional identity governance by not only capturing all identities but also their real-time activity data. While conventional IGA relies on static identity attributes from HR systems and directories, Zluri aggregates detailed activity logs across thousands of applications, providing a real-time picture of how entitlements are actually used.

The Pain of Manual Access Reviews: A Call for Simplicity

The most emotional conversations at RSA centered around the pain of manual access reviews. Security teams described processes taking weeks, involving hundreds of emails, and still failing to effectively mitigate risk. With the rise of hybrid work environments and increasingly complex access needs, traditional approaches simply don't scale. When asked about fully automated access reviews, we demonstrated how Zluri:

• Reduces review time by up to 90% by automating the entire workflow.
• Improves accuracy by eliminating human error.
• Ensures compliance with SOC 2, ISO 27001, HIPAA, and several other compliance frameworks

Our closed-loop remediation capabilities particularly resonated with security leaders at RSA, allowing them to automatically address access issues without manual intervention.

“The automated access reviews module has helped my team save 90% of our time for SOC2 audits. We have searched for various solutions in the field of Identity Governance and access management, but none were as robust as Zluri.”
- Omri Kedem, Global IT Manager, Assured Allies

AI and Automation: The Future of Identity Governance

The RSA ID IQ Report revealed that 80% of cybersecurity professionals believe AI will bolster cybersecurity efforts more than aid cybercriminals in the next five years. This optimism was reflected in the numerous sessions focused on leveraging AI-driven automation for enhanced security postures. 

While many vendors at RSA talked about automation requiring professional services or coding expertise, our no-code Automation Engine generated excitement by enabling security teams to build sophisticated automated processes without technical dependencies. 

Security leaders were particularly impressed with:

• Our pre-built library of 2000+ workflow actions for common identity governance scenarios.
• Visual workflow builder requiring zero coding knowledge.
• The ability to automate complex cross-platform processes spanning HR systems, ITSM tools, and SaaS applications.

Wrapping Up: Standing Out at RSA 2025

While RSA was full of great branding, it was clear that the real differentiator for vendors was not just flashy booths or attention-grabbing slogans. It was the ability to demonstrate tangible value in tackling pressing problems. Whether it was discussing the future of non-human identities or answering the perennial question about access reviews, we left RSA with more insight into the pain points of security leaders and how we can continue innovating to help them meet their identity and security goals.

At Zluri, we're not just keeping up with the future of cybersecurity—we're shaping it. Ready to see how AI and automation can transform your identity governance? Book a demo today to learn more!