IBM: An RSAC 2025 Meet & Greet Summary

Fresh off the RSA Conference 2025, Richmond Advisory Group shares quick summaries of the discussions we had with each of the companies we met with in our "RSA series". Note that some of the content may have been generated by an AI note transcriber but that all published content was reviewed and fact-checked by the profiled company. We are very grateful for the time each company spent with us.

We had several interesting conversations with IBM across various teams: Executives, product managers and marketers brought us up to speed on Guardium (data security), Verify (identity security), X-Force, Cyber Threat Management Services, and the Palo Alto Networks partnership.

In our chat with Vishal Kamat we discussed crypto agility solutions and customer understanding of encryption / quantum challenges. Crypto agility solutions focus on developing strategies that allow organizations to adapt their encryption methods quickly in response to evolving threats and regulatory requirements. Post Quantum Cryptography (PQC) is a less tangible discussion because of the unclear timing of cryptographically relevant quantum computers. However, IBM is seeing significant

growth in its Quantum Safe software and consulting services which means that the highly regulated and/or very large enterprises are beginning to earmark budget to discuss evolving their security programs to meet the PQC requirements.

We also discussed how IBM is evolving its Guardium portfolio to continue its focus on product capabilities for emerging threats. There is a strategic shift toward bringing identity and data security together as 'the new perimeter' which resonates with the market. We discussed how data and identity integration will evolve with AI agents and non-human identities perpetuate. 

Moving on to our chat with the Threat Management team, we met with Dave McGinnis, John Velisaris and Matt Shriner, including the RSAC announcement of the Autonomous Threat Operations Machine (A.T.O.M.). This "SOC robot" is an agentic digital labor AI solution that works across 200+ IBM clients today. It handles L1 and L2 security operations while humans remain involved at L3 and above which addresses the longstanding issues of alert fatigue and overwhelm. We were given a demo and we have to say it produced a full investigation of a complex incident in 80 seconds in front of our eyes. A similar investigation+report would take humans many days, if not weeks.

IBM's Predictive Threat Intelligence (PTI) is fully integrated with A.T.O.M. to enable autonomous threat hunts. PTI uses algorithms that analyze attack surface and malicious attacker activity, leverages asset inventories, and processes both structured and unstructured intelligence feeds. The agentic technology uses Kestrel for autonomous distributed threat hunting, can work with data in AWS S3 buckets and Azure data lakes using the Kestrel connectors. As an output, the tool shows all its work for threat hunters alongside a full report of findings. It provides recommendations for threat hunt queries relevant to the client environment, or, within the highest SOC analyst tier, can also execute hunting queries. 

The IBM Verify portfolio overview was next up with Bob Slocum, Patrick Wardrop and John Nielsen. The portfolio includes customer-managed/self-managed identity products

competing with key identity competitors. The traditional on-premises and modernized SaaS platform with API-first architecture provides identity security posture management (ISPM) with and identity threat detection and response (ITDR) capabilities identifying and remediating both human and non-human (NHI) identities. Credential management status tracking and compliance assist organizations in maintaining regulatory control and data sovereignty. The solution supports integration with third-party identity solutions and deployment flexibility across various platforms.

Finally we checked in on the Palo Alto Networks/IBM partnership meeting with Sheryl Chamberlain and Tim Van den Heede on the last day of the conference. The partnership has seen growth with targets exceeded by 400% compared to pre-partnership levels and significant pipeline year-over-year. Both companies are committed to the migration of QRadar SaaS (QROC) to Cortex and assisting companies with their overall security posture together where the deals make sense.

Palo Alto sales teams are learning different sales motions involved in consulting engagements and both SMEs stated that there are educational efforts in progress to continue that evolution. To learn about the combined offerings, clients are benefiting through engagements with the IBM X-Force Cyber Range, which creates immersive simulations through realistic breach scenarios.

Both executives highlighted IBM's A.T.O.M. Sheryl is impressed by the value clients are getting through the integration of A.T.O.M. and IBM’s managed service for Cortex XSIAM.

Richmond Advisory Group was thrilled to host Mark Hughes and Jake Paulson on our Cyber Sidekicks podcast which aired Tuesday May 6th. We discuss A.T.O.M. and IBM's Threat Intelligence Index.