RSAC 2025 delivered an unforgettable week of cybersecurity insights and innovations. As the industry gathered to tackle the latest threats, one challenge loomed: the security risks posed by unfederated identities, unmanaged devices, applications, and AI-powered tools accessing company data without proper governance controls. From hands-on demos in the booth to insightful discussions at the 1Password Paddock, our team showed how 1Password Extended Access Management empowers organizations to secure every sign-in, to every application, from every device without slowing down productivity.
We’d like to thank everyone who stopped by our booth, whether to get hands-on with our latest tools or snap a photo with the Formula 1® Oracle Red Bull Racing car. As the official cybersecurity partner of the Oracle Red Bull Racing Team, Oracle Red Bull Racing counts on 1Password to secure access to the confidential information that fuels its championship-winning strategies.
To see how the car was displayed and how the 1Password booth came alive, you can watch the recap video below:
What exactly did 1Password get up to at RSAC 2025? Let’s dive into what made RSAC such a groundbreaking and jam-packed week.
Day 1: Setting the stage with our customers
It’s in 1Password’s DNA to put people first.
As everyone flew into San Francisco, adjusted to the time change, and piled in for a week full of learning and networking, we decided to host a celebratory happy hour. And who better to celebrate than our customers?
The event, held at the 1Password Paddock and hosted by David Faugno, Co-CEO at 1Password, and Abe Ankumah, CPO at 1Password, centered around the customers who have helped make 1Password great. Featuring stories from leaders like Chris McConnell, Director of Digital Transformation at DeepWater, and Johan Dowdy, Global Head of IT and IT Security at Asana, attendees heard inspiring insights. They explored how businesses secure access while empowering their teams today and in the rapidly approaching future.
Afterward, 1Password and GuidePoint Security co-hosted a relaxed evening of connection and conversation at The Grand Nightclub. It provided a welcoming space for attendees to unwind, catch up with peers, and kick off the week with the security community in style.
Day 2: Leading by example
As RSAC 2025 settled in, so did the sharing of perspectives, experiences, and tips because a strong security community is a collaborative security community. Let’s look at some of the sessions 1Password hosted on the second day of RSAC.
Thought leadership champagne breakfast
The day began with shared observations between Matthew Bell, Chief Analyst at Canalys, and Dave Lewis, Global Advisory CISO at 1Password, discussing key trends and challenges in the digital landscape.
As attendees sipped on some hard-earned bubbly, they soaked up all the knowledge Bell and Lewis had to share. They dove deep into shadow IT, third-party risk, and securing the modern workforce while connecting with peers in a collaborative setting.
Cutting through the noise: What really matters in security
Shortly thereafter, Alex Rice, Founder & CISO of Hackerone, moderated a session featuring Jacob DePriest, CISO at 1Password, and Pedro Canahuati, CTO at 1Password, that provided actionable ways to address today’s top security challenges head-on; fluff or filler was turned away at the door.
Attendees learned how to close the Access-Trust Gap (a common theme amongst these sessions) by securing sign-ins, enforcing least privilege, and ensuring only trusted devices and applications have access without disrupting productivity.
Enterprise security playbook with the Golden State Warriors
The last session of the day served as a reminder that winning isn’t a fluke; it takes precision, strategy, and confidence in execution day after day. Over the last decade, no team in the NBA knows that better than the Golden State Warriors, as they revolutionized the modern offense with the three-point shot.
However, winning can’t just occur on the court; it must happen behind the scenes to ensure everything operates smoothly and securely. To show how that’s possible in today’s cybersecurity landscape, speakers Dave Lewis and Daniel Brusilovsky, Golden State Warriors VP of Technology, conducted a fireside chat that explored how Extended Access Management helps organizations balance security, agility, and efficiency by ensuring the right access at the right time.
Day 3: The future of cybersecurity is today’s threats
If Day 2 laid the foundation for extended access management, Day 3 built on it with sessions that held a keen eye toward the cybersecurity threats truly worrying the security community today.
Beyond SSO: Closing the biggest security blind spots
You must deliver something juicy to get folks in for an 8:00 AM session. Jason Meller, Vice President of Engineering at 1Password, and Dave Lewis did just that.
This session exposed the limitations of relying solely on SSO as a complete security solution and why it is not enough to protect your organization. They explained how 1Password Extended Access Management challenges the status quo by securing every sign-in, for every app, on every device to help close the Access-Trust Gap.
Donuts and Device Trust
And the only way to keep a captive audience after such an informative session is to have the next session feature food in the title. Because who doesn’t like donuts? According to Jason Meller, security leaders, that’s who.
Today’s typical Identity and Access Management (IAM) strategy resembles a donut: popular but with a significant hole in the middle. Yet, organizations repeatedly struggle to fill in the void at the center because they are not solving the Access-Trust Gap using modern security tools correctly.
That’s why this session offered security leaders practical strategies for strengthening IAM by rethinking how to implement device trust. Attendees learned how decoupling device trust from Identity Providers can help address complex challenges like non-SSO apps, multiple IdPs, and non-web access while preparing for the rise of AI-driven agent sprawl.
Protecting your business from agentic AI risks
While 2024 highlighted the security risks of AI in the workforce, 2025 is when those security risks can no longer be ignored. Why? Agentic AI has changed the world and the way we work.
This session, led by Dave Lewis, explored the emerging security challenges of agentic AI systems capable of autonomous actions and data access. Attendees learned tactical solutions for managing risks like credential misuse and privilege escalation to safely implement autonomous technologies in their organizations.
GRC Happy Hour: A Drata & 1Password CEO discussion
As you can gather, the productivity gains and threat landscape of agentic AI dominated conversations at RSAC 2025.
Fresh off our recent strategic partnership announcement, this fireside chat brought together David Faugno, co-CEO of 1Password, and Adam Markowitz, CEO of Drata, to explore how Governance, Risk, and Compliance (GRC) is evolving into a strategic business driver. Attendees gained insights into managing AI risk, SaaS sprawl, and shadow IT while building scalable access strategies that replace reactive compliance and support proactive trust and security.
Day 4: Wrapping up RSAC 2025
As RSAC 2025 waned, we still had 1Password folks working hard to spread the word on security.
Namely, Wendy Nather, Senior Initiatives Director at 1Password, and other industry experts led a panel to revisit the Security Poverty Line 14 years after Wendy first introduced the concept. They explored how resource disparities shape security outcomes, how greater awareness and policy changes can help bridge the equity gap, and how doing more with less leads to more creative security approaches.
Following the panel, 1Password upheld an RSAC tradition by hosting the 15th Annual Disaster Recovery Breakfast. This breakfast gathering offered a laid-back setting for candid conversations on today’s most pressing cyber risks. Attendees connected with peers, the 1Password team, and Securosis Founder Richard Mogull to kick off their day with actionable frameworks and community discussion.
The booth experience and what’s to come
Whew, that was a lot!
However, it doesn’t stop there. For the folks who couldn’t visit the 1Password Paddock, we brought all that knowledge to them on the RSAC floor.
Aside from the Formula 1® Oracle Red Bull Racing car, if you happened to pass by our booth throughout the week, you were bound to catch rolling sessions educating the crowd on two pressing topics: 1Password Extended Access Management and agentic AI.
1Password Extended Access Management Lightning Talk
This session introduced how 1Password’s Extended Access Management helps close the Access-Trust Gap in today’s evolving work environments. Speakers explained how 1Password Extended Access Management secures every sign-in, for every app, on every device while supporting employee productivity and flexibility.
Attendees learned how 1Password Extended Access Management reduces the risk of ransomware, shadow IT, and data breaches by ensuring only trusted access to company resources. With Extended Access Management’s transparent and adaptive approach to security, security practitioners can better align with how modern teams work.
AI Lightning Talk
This session explored the growing impact of agentic AI and how autonomous agents are reshaping enterprise workflows and access models. Speakers highlighted the new risks introduced by machine identities and AI-driven automation, emphasizing the need for fine-grained, auditable controls.
Attendees learned how 1Password Extended Access Management helps developers, security, and IT teams securely manage agentic AI with scoped permissions, rotating secrets, and policy-based access. If your organization is to stay secure in the era of AI, complete visibility and automation are critical.
New capabilities coming to 1Password Extended Access Management
It wouldn’t be an RSA conference if 1Password didn’t have something new to share. We showcased key updates coming to 1Password Extended Access Management:
- Extended Device Compliance: Enforce device health checks for corporate and personal devices before granting access.
- Access Governance: Full visibility and control over SaaS usage, including shadow IT and orphaned accounts.
- App Launcher: A centralized, secure portal for accessing managed and unmanaged business apps.
- XAM Console: A unified admin hub for policy enforcement, lifecycle management, and visibility.
These features will give IT and security teams the tools to address unmanaged apps, enforce compliance, and reduce risk without slowing teams down.
Regarding secure productivity, if you’re looking for 1Password’s solution to safeguarding agentic AI, our answer is the new 1Password SDK for Agentic AI.
As organizations face the risks and rewards of agentic AI, 1Password SDK for Agentic AI enables secure, scoped, runtime access to secrets, allowing AI agents to work with sensitive information while maintaining strong access controls. For example, an agent booking a business trip might access a travel site, send a receipt via email, and start an expense report. All of that is possible without giving it broader access than needed.
By applying the principle of least privilege, teams can move faster while maintaining full governance.
Want more?
That’s a wrap from San Francisco and RSAC 2025. To learn how 1Password secures every sign-in, to every application, from every device, join us for the Close the Access-Trust Gap webinar. We can’t wait to see you next year!
1Password
Tweet about this post