Last updated at Mon, 21 Apr 2025 13:00:00 GMT
The live sessions may be over, but with every talk now available on demand, it’s the perfect time to reflect on the biggest takeaways from this year’s summit—and how they can help security teams move faster, act smarter, and take control of their attack surface.
From red teaming tactics to regulatory readiness, here are some of the standout lessons and ideas shared by speakers across the day.
1. Red Teaming Isn’t Just About Getting In—It’s About What Happens Next
In Outpacing the Adversary, Aaron Herndon, Senior Director, Sales Engineering at Rapid7 and Will Hunt, Co-Founder of In.security, reminded us that red teaming isn’t just about proving a breach is possible. It’s about helping teams understand how attackers think, where they’re likely to go, and whether detection and response controls actually work in practice.
From creative simulations to critical discussions on ethical boundaries and scope, the message was clear: red teaming is most valuable when it drives real organizational learning.
2. You Can’t Prioritize What You Can’t See
In Risk Revolution: Proactive Strategies for Exposure Management, panelists from Rapid7 and ESG made it clear that visibility remains the top challenge for most teams. Fragmented data, sprawling assets, and misaligned priorities are slowing teams down.
The solution? A unified, risk-aware approach to exposure management—one that considers cloud, identity, data, and application risk in context. Prioritization must reflect business reality, not just vulnerability severity.
3. Cloud Security Requires Context
In Demystifying Cloud Detection & Response, panelists shared how traditional tools aren’t built for dynamic, cloud-native environments. Logs are short-lived, workloads are ephemeral, and identity is often the weakest link.
To respond effectively, SOC teams need visibility, automation, and integrations that bring context across systems. The modern attack surface starts well before the endpoint.
4. Compliance Is Evolving. It's Not a Checkbox Exercise
From Chaos to Compliant brought practical guidance for navigating frameworks like NIS2, DORA, and SEC cyber rules, among others. The takeaway? Compliance and security are strongest when they work together.
With the right tools, processes, and internal alignment, compliance can become a strategic advantage—not just a box to tick.
5. AI Is Here. Use It Thoughtfully
AI was a recurring theme throughout the day, especially in AI in Action. Rapid7’s engineering and product teams showcased how they’re applying AI across triage, prioritization, and detection, while keeping responsible deployment top of mind.
The takeaway: AI can boost speed and scale, but human oversight and thoughtful governance are still essential.
6. Visibility Gaps Are Where Attackers Thrive
In Inside the SOC, Rapid7 threat hunters shared stories of real-world breaches where attackers operated undetected due to logging gaps, missing coverage, or misconfigured systems.
Whether it’s credential theft through Microsoft Teams impersonation attacks or ransomware in unmanaged environments, the message was clear: you need full visibility to stay ahead.
7. Security Is a Team Sport
Across sessions—from exposure management to cloud strategy to customer-led discussions—one thing was clear: effective security requires collaboration.
Security teams, IT, engineering, and compliance all need shared context and coordinated goals to defend today’s growing attack surface.
Catch Up or Rewatch: All Sessions On Demand
Every session from Take Command 2025 is now available to watch. Whether you missed one or want to revisit a discussion with your team, you can dive back in anytime.
