Cisco Unveils Open-Source AI Security Tools at RSAC 2025

Cisco Unveils Open-Source AI Security Tools at RSAC 2025

Cisco set the tone at Monday’s RSAC 2025 keynote by announcing a major open-source initiative aimed at securing the future of AI. Jeetu Patel, Cisco’s executive vice president and chief product officer, unveiled Foundation AI — a purpose-built, security-specific AI model trained on cybersecurity data. The model isn’t just open source in concept — Cisco is releasing the actual trained model weights, allowing researchers and developers to inspect, adapt, and fine-tune it.

The Foundation AI model is powered by 8 billion parameters and was trained on 5 billion carefully chosen tokens. It’s designed to be efficient, running on just one or two A100 GPUs, making AI-powered security more scalable and accessible. Patel emphasized the urgency of this move, warning that fine-tuned models are significantly more vulnerable to jailbreaks and toxic outputs.

Cybersecurity’s Greatest Strength: Community

Hugh Thompson, executive chairman of RSAC, opened the conference with a call to unity and adaptability, emphasizing that “community — it’s what makes us strong in cybersecurity.” He encouraged the 44,000 attendees to embrace change with a “Bayesian mindset,” being open to updating assumptions as new information arrives.

Thompson pointed to two seismic trends for the next 18 months: the transformation of application security into AI-driven defenses and the surge of adversarial attacks targeting AI models.

The Rise of Agentic AI in Cybersecurity

Vasu Jakkal, corporate VP of Microsoft Security, discussed the rise of agentic AI — autonomous digital systems that will reshape cybersecurity, governance, and daily life. She noted that by 2027, AI agents will predict attacks, dynamically adjust access permissions, and autonomously enforce security policies.

Jakkal emphasized that as agentic AI grows more powerful, security models must evolve alongside it. She highlighted Microsoft’s internal numbers showing the urgency: password attacks have jumped from 4,000 per second last year to 11,000 per second today, and tracked threat actors have quintupled from 300 to 1,500 within a year.

Ransomware Gangs Operating as Businesses

John Fokker, head of threat intelligence at Trellix, highlighted how ransomware gangs like Black Basta now operate as full-fledged businesses, sometimes with government backing. He confirmed Black Basta’s deep ties to Russian protection networks through leaked internal chats.

Fokker’s message remained hopeful: collaborative intelligence can outpace even state-backed adversaries. “We are one team, working together,” he said.

Community and Resilience

The day’s keynotes opened with Grammy-winning artist Common, who delivered a reflection on unseen service, resilience, and community. He celebrated cybersecurity professionals for protecting strangers they may never meet.

RSAC 2025 made one thing clear: innovation alone won’t define the future of cybersecurity — community will. As threats evolve and AI accelerates, it’s the strength of the connections forged here that will determine what comes next.