SOC-AI — AI as a Level 0 analyst: reducing workload and increasing precision in the Security Operations Center: aDvens, Hall 6, Booth 6-342

At it-sa, aDvens addresses two issues that are directly relevant to operational activities: the use of artificial intelligence in the Security Operations Center and the validation of endpoint security through a new EDR assessment service. AI is not presented here as a mere marketing promise, but as a “Level 0 analyst” that pre-filters flood of alerts, sorts out false positives, and thus frees up human analysts for more complex correlations and decisions. The transparency of the models, comprehensible metrics (false positive/false negative rate), and the operationalization of AI results within existing SOC playbooks are crucial for added value. In addition, the EDR assessment service offers the possibility to test endpoint detections in realistic scenarios and make defense capabilities measurable — an important step in aligning technology, processes, and personnel.

Platform — BarracudaONE: Consolidated AI platform against tool fragmentation: Barracuda (Infinigate), Hall 7, Booth 7-336

With the launch of BarracudaONE, Barracuda is focusing on platformization: The AI-powered cybersecurity platform is designed to bundle the portfolio into a unified solution, thereby counteracting the fragmentation of many individual solutions. Against the backdrop of numerous organizations struggling with heterogeneous tool landscapes, BarracudaONE aims to consolidate, increase transparency, and improve incident prioritization. For operators, this means examining how seamlessly existing solutions (SIEM, IAM, EDR) can be integrated, what governance and audit functions the platform provides, and how the AI decision-making logic is documented and validated.

Certificates — Automated certificate management for secure production communication: BxC (at Siemens), Hall 7, Booth 7-421

BxC focuses on automated certificate management in production environments — a topic that is often underestimated in IT/OT convergence. Digital certificates are key trust elements for machine-to-machine communication; their manual management is error-prone and does not scale. Automated lifecycle processes for issuing, rotating, and revoking certificates reduce attack surfaces, shorten response times, and are a prerequisite for secure, highly automated production processes. During evaluations, compatibility with existing PKI infrastructures and support for compliance and emergency processes must be checked.

Mobile — Mobile devices as a target: Focus on zero trust and mobile forensics: Jamf, Hall 9, Booth 9-414

Jamf focuses on the growing importance of mobile devices: Smartphones and tablets have long been workplaces, authenticators, and data storage devices all in one — yet they are often less rigorously protected than traditional endpoints. Solutions in the mobile security sector (forensic capabilities, mobile threat detection, zero trust concepts) must therefore be designed to be integrative so that mobile attack vectors do not become a weak point for corporate networks. The key is to embed mobile telemetry in central security processes and to be able to automatically isolate compromised devices and examine them forensically.

Management — Intelligent Threat Detection: AI-powered IT and security management: ManageEngine, Hall 7A, Booth 7A-212

ManageEngine presents on-premises and cloud solutions for IT and security management with a focus on “intelligent threat detection” — where AI is intended to support detection and prioritization. For hybrid infrastructures, integrated management of monitoring, IAM, and DLP offers operational advantages; the challenge lies in coordinating AI results with change and incident management processes and in maintaining data protection and compliance requirements when using cloud-based components.

Resilience — Immutable backups: The last line of defense against ransomware: Object First, Hall 9, Booth 9-221

With its focus on immutable backups, Object First is placing a clear emphasis on ransomware resilience. The threat landscape is evolving: smaller, agile attackers are increasingly targeting small and medium-sized businesses and critical data. Immutable backups are considered the last line of defense — recovery times, regular restore tests, and verifiability of immutability are key here. Organizations should design backup strategies in such a way that integrity, recoverability, and audit trails are traceable at all times.

Authentication — phishing-resistant MFA & supply chain sovereignty — security “Made in Europe”: Swissbit (Infinigate), Hall 7, Booth 7-336

Swissbit emphasizes the importance of phishing-resistant MFA procedures and positions hardware-based FIDO authenticators and passkeys as a robust alternative to SMS codes and push prompts. In addition, the company emphasizes supply chain sovereignty through its own production capacities in Europe. For operators with high requirements for traceability and sovereignty, such hardware authenticators are a useful building block for securing critical access — both digital and physical.

Sovereignty — Secure collaboration as critical infrastructure: Open-source alternatives instead of dependencies: Wire, Hall 9, Booth 9-134

Wire combines secure collaboration with the concept of digital sovereignty: The focus is on open-source-based solutions, resilient emergency and disaster protection, and the avoidance of dependencies on global big tech providers. Wire also takes a critical stance on regulatory interventions that could undermine end-to-end encryption. For public authorities and companies with high compliance and sovereignty requirements, it is essential to consider architectural decisions and legal consequences.

Final thoughts

The exhibitors show that the current security agenda is determined less by individual technologies than by their integration and operational readiness: AI support, platformization, automated certificate and backup processes, and hardware-based authentication together form the building blocks of modern, resilient security architectures. Decision-makers should not evaluate solutions in isolation, but rather focus their procurement decisions on interoperability, governance, testability, and supply chain transparency — only then will technical innovations translate into measurable security gains.