As I wandered through the packed halls of the Moscone Center during the RSA Conference 2025 earlier this month, one thing became abundantly clear: IBM is no longer the sleeping giant of security. With bold innovations in AI security, identity management, and threat intelligence, Big Blue has awakened — and it’s making waves that are impossible to ignore.

The New Face of IBM Security

IBM’s presence at RSAC 2025 felt different this year. There was an energy and confidence emanating from the IBM booth immediately that caught my attention. Patrick Wardrop, who leads IBM’s identity security portfolio, shared that customer (and prospect) feedback on the solutions showcased throughout the course of the RSAC event was positive, and the excitement was palpable.

When it comes to security, IBM is often not top of mind as a solution provider, but the reality is that this enthusiasm from the industry isn’t accidental; it’s been a strategic, well-thought-out move by IBM. The product of a tenacious approach, deliberate investment, strategic acquisitions like HashiCorp, and a modernized approach to interoperability is quickly changing how the industry perceives IBM’s security capabilities.

ATOM: Security Gets Autonomous

Among IBM’s most impressive announcements was the launch of its Autonomous Threat Operations Machine (ATOM), an agentic AI system designed to provide autonomous threat triage, investigation, and remediation with minimal human intervention.

What struck me about ATOM is how it transforms the SOC experience. By leveraging multiple individual agents to augment existing security analytics solutions, ATOM helps accelerate threat detection, analyzes alerts with proper context, performs risk analysis, creates investigation plans, and executes remediation actions.

By automating threat hunting through the infusion of agentic AI capabilities, improved detection and response processing enables customers to derive more value, more quickly, from their security investments.

For security teams, which are often lean and stretched to the max, drowning in alerts and false positives, this could be a game-changer. Instead of chasing ghosts, they can focus on genuine high-priority threats.

Seeing the Future with Predictive Threat Intelligence

In the world of cybersecurity, being reactive is no longer enough. IBM seems to understand this better than most, unveiling its X-Force Predictive Threat Intelligence (PTI) agent for ATOM.

What makes PTI fascinating is how it leverages industry vertical-specific AI foundation models to generate predictive threat insights. By training on cybersecurity data and collecting information from more than 100 sources — including X-Force Threat Intelligence, open-source RSS feeds, and APIs — PTI creates contextualized threat intelligence that anticipates potential attacks based on adversary behavior.

This shift from indicators of compromise to indicators of behavior represents a significant evolution in threat intelligence. Instead of merely responding to known attack signatures, organizations can potentially get ahead of emerging threats.

Non-Human Identity: The Next Frontier

One area where IBM truly shone at RSAC was in addressing the growing challenge of non-human identity (NHI) management.

With enhanced observability and discovery tools now adapted to handle machine identities, IBM is tackling a critical but often overlooked aspect of security. The integration of HashiCorp’s Vault, Boundary, and Radar products creates what Wardrop described as “a really impactful security story” that manages the full lifecycle of machine credentials.

The Identity Fabric: Interoperability as a Strength

Unlike competitors who push for ‘rip and replace’ solutions, IBM emphasizes interoperability through its identity fabric approach. This pragmatic stance acknowledges the reality of enterprise environments.

“Just about every major Fortune 500 has more than one identity provider in place,” Wardrop noted. “We provide the tools to stitch all of that together into a unified identity experience.”

This includes integrations with competitors like Okta, Ping, and Microsoft—a level of openness that distinguishes IBM from many security vendors.

Legacy Integration Without the Headaches

Perhaps the most underrated jewel in IBM’s security crown is its Application Gateway, which allows legacy applications—even those with inaccessible source code—to integrate into modern identity frameworks.

“Let’s say you have a legacy web front-end developed 15 years ago and no one has access to the source code anymore,” Wardrop explained. “We have a solution that plugs in and enables SSO, passkey support, and modern authentication without modifying the application.”

For organizations struggling to modernize security while maintaining critical legacy systems — of which there are many — this represents a compelling middle path forward.

My Take: Experience Still Matters

In an industry obsessed with shiny new startups and two-letter slides, IBM’s resurgence reminds us that experience still matters enormously in security. IBM’s global consulting capabilities, especially in markets with unique regulatory requirements like Japan, provide a depth of service that few competitors can match.

As we navigate the AI revolution in security, having a partner with the deepest of tech expertise and decades of success delivering real-world outcomes might just be the difference between security theater and genuine protection. Big Blue is awake, and that’s great news for enterprise security teams worldwide.

 

This article was originally published on LinkedIn.

 

Read more of my coverage:

TELUS Leverages Zoho for Strategic Customer Engagement: A Conversation with TELUS Executives

Commvault’s Recovery Range: Transforming Cyber Resilience Through Immersive Experience

AI Trust Scores and Blockchain — the Foundations for the Golden Age of AI