Every prize at the The Game Awards from the Peacock theater in Los Angeles
Clair Obscur: Expedition 33 – WINNER
Death Stranding 2: On the Beach
Donkey Kong Bananza
Hades II
Hollow Knight: Silksong
Kingdom Come: Deliverance II
© Photograph: Michael Tran/AFP/Getty Images
© Photograph: Michael Tran/AFP/Getty Images
© Photograph: Michael Tran/AFP/Getty Images
Clair Obscur: Expedition 33 won nine awards, including game of the year, while newly announced games at the show include the next project from Baldur’s Gate 3 developer Larian Studios
At the Los Angeles’ Peacock theater last night, The Game Awards broadcast its annual mix of prize presentations and expensive video game advertisements. New titles were announced, celebrities appeared, and at one point, screaming people were suspended from the ceiling in an extravagant promotion for a new role-playing game.
Acclaimed French adventure Clair Obscur: Expedition 33 began the night with 12 nominations – the most in the event’s history – and ended it with nine awards. The Gallic favourite took game of the year, as well as awards for best game direction, best art direction, best narrative and best performance (for actor Jennifer English).
Continue reading...
© Photograph: Michael Tran/AFP/Getty Images
© Photograph: Michael Tran/AFP/Getty Images
© Photograph: Michael Tran/AFP/Getty Images
Cloud adoption has fundamentally reshaped security operations, bringing flexibility and scalability, but also complexity. In this session from the Take Command 2025 Virtual Cybersecurity Summit, Rapid7’s product leaders discussed how today’s SOC and MDR capabilities must evolve to keep up. Hosted by Ellis Fincham, the panel featured Dan Martin and Tyler Terenzoni, who shared real-world insights on what cloud detection and response truly requires, what CNAPP can and can’t solve, and how to bridge the growing gap between alerts and actionable context.
Traditional SOC tooling often struggles to keep up with cloud-native architectures. Dan Martin opened the discussion by highlighting a key shift:
“Detection doesn’t start at the endpoint anymore. It starts with understanding your architecture.”
The panel emphasized that while cloud offers flexibility and scale, it also introduces operational complexity. From short-lived containers to decentralized ownership, cloud environments require a different approach.
Tyler Terenzoni spoke to the importance of understanding what’s running and who owns it:
“There’s always a disconnect between what engineering thinks is in the environment and what security actually sees.”
He noted that cloud visibility isn’t just about logs, but also understanding user behavior, policy changes, and asset configuration in near real-time. Without this, SOC teams are often reacting to alerts without enough context.
This issue was reflected in the post-event survey, where 35% of respondents listed lack of visibility across the environment as a primary challenge in their threat detection efforts.
The panel clarified that Cloud-Native Application Protection Platforms (CNAPPs) are useful, but not a complete solution. According to Dan Martin:
“CNAPP is great for giving you coverage, but it doesn’t give you the operational context your SOC needs.”
Integrating CNAPP data into SIEM, XDR, and MDR platforms enables richer investigations and tighter correlation across sources.
Rather than focusing on the volume of alerts, the speakers urged security leaders to ask: can we act on this alert quickly and with confidence?
Dan Martin shared:
“It’s not about reducing alerts, it’s about giving your analysts the context to know what matters and what to do about it.”
Tyler Terenzoni added that turning alerts into action requires better integrations and unified telemetry. Without that foundation, even advanced detections can lead to noise and inefficiency.
While the session didn’t center on AI, the panel acknowledged its growing role in detection workflows. Dan Martin noted:
“AI helps with triage and correlation, but your success still depends on how well your tools talk to each other.”
The emphasis was on automation that supports analysts, not replaces them, especially in cloud environments where missteps can be costly.
If your team is looking to strengthen cloud detection, improve response times, or better align MDR with cloud operations, this session offers real-world insights and practical guidance.
As India's economy rapidly digitizes, cybersecurity challenges are becoming increasingly complex. This May, Rapid7 launched our inaugural Global Security Day series across India, bringing together top security leaders in Mumbai, Delhi, and Bengaluru to address the most pressing cyber threats facing organizations in 2025.
Across all three cities, several critical themes emerged that are shaping India's cybersecurity landscape:
AI is No Longer Optional: Organizations recognize that AI has become essential for threat detection, exposure management, and SOC operations. The question is no longer whether to adopt AI, but how to implement it effectively.
Attack Surface Explosion: Cloud misconfigurations, insecure APIs, and identity misuse are driving today's biggest risks. Organizations are struggling to maintain visibility and control across increasingly complex environments.
SOC Modernization is Urgent: Traditional Security Operations Centers need fundamental transformation, with automation and AI at their core to handle the volume of modern threats.
Talent Gap Challenges: Upskilling and reskilling initiatives are critical to closing the cybersecurity talent gap that's affecting organizations globally, but particularly acutely in India's booming tech sector.
Regulatory Evolution: India's evolving cybersecurity regulatory landscape is shaping how organizations approach their security investments and strategy development.
Our three-city roadshow, organized in collaboration with Information Security Media Group (ISMG), focused on the theme "2025 Cyber Threat Predictions: AI-Driven Attacks, Ransomware Evolution, and Expanding Attack Surface." The response from India's cybersecurity community was overwhelming, with 138 security leaders and delegates participating across all three cities.
Our Mumbai kickoff set the tone for the entire series, drawing 43 security leaders eager to dive into critical cybersecurity challenges. Rob Dooley, General Manager APJ, welcomed attendees before Regional CTO Robin Long delivered comprehensive insights on:
The highlight was our fireside chat featuring Starlin Ponpandy, CISO of Orion Systems and Rapid7 customer, discussing ‘Building a New-Age SOC: Practical Applications of AI’. The conversation explored choosing the right SOC model, building effective teams, and navigating the complexities of AI trust and explainability.
The main focus of the Q&A was the evolving cyber threat landscape and how organizations can prepare for 2025's AI-driven, increasingly complex attack environment.
The conversation was dominated by leaders sharing insights on the rise of AI-powered threats, the shift in ransomware tactics to double and hybrid extortion and the urgent need for proactive threat exposure management. Rapid7's emphasis on real-time, AI-enabled defenses and automated risk management strategies sparked strong engagement.
Our Delhi event brought together 43 delegates for candid, strategic discussions about 2025's top cyber threats. Security leaders engaged in deep conversations about AI-powered detection and defense, proactive exposure management, and building resilient SOCs with automation.
The panel discussion on ‘Building a New-Age SOC’ addressed critical challenges including the cybersecurity talent gap and integrating security into DevOps workflows, a thought-provoking conversation examining identity-centric security models and the shift from traditional SOCs to Managed Detection and Response solutions.
Attendees posed incisive questions about upskilling teams in an AI-driven environment, managing tool sprawl, and operationalizing security by design - highlighting the sophisticated thinking of India's cybersecurity leadership.
Our Bengaluru finale drew the largest crowd with 52 delegates, including CISOs and cybersecurity executives from across South India. The discussions were highly tactical, focusing on:
Veteran industry speaker Satish Kumar Dwibhashi joined Robin Long for discussions that reinforced a clear theme: security strategy must evolve in lockstep with attacker innovation.
The success of our India Security Days reflects not just the hunger for cybersecurity knowledge in the region, but also Rapid7's commitment to supporting India's digital transformation journey. We're excited to announce that we're expanding our presence with a Global Capability Center (GCC) in Pune, which will serve as a hub for innovation and home to teams across engineering, business support, and our Security Operations Center (SOC).
This initiative represents more than just business expansion - it's about building cybersecurity capability and expertise right here in India, that will shape a secure digital future for organizations around the world.
The conversations, connections, and insights from our India Security Days have reinforced our belief that India's cybersecurity community is among the most forward-thinking globally. The challenges are significant - from AI-powered attacks to evolving ransomware tactics - but so is the talent, innovation, and determination to address them.
As we look toward 2025 and beyond, events like these remind us that cybersecurity is ultimately about people: the security leaders making tough decisions, the practitioners implementing defenses, and the communities sharing knowledge and supporting each other.
Thank you to all the security leaders who joined us in Mumbai, Delhi, and Bengaluru. Your engagement, questions, and insights made these events truly impactful. We look forward to continuing these conversations and supporting India's cybersecurity community as we navigate the challenges and opportunities ahead.
Interested in joining our growing team in India? Learn more about career opportunities at our new GCC in Pune.
At the Take Command 2025 Virtual Cybersecurity Summit, a standout session titled Risk Revolution brought together Rapid7 product leaders and ESG analyst Tyler Shields to unpack the evolution of exposure management — and how organizations can build more context-driven, proactive risk strategies.
Hosted by Ryan Blanchard, Senior Manager, Product Marketing at Rapid7, the panel featured:
Here are the key takeaways from the discussion, along with supporting insights from the post-event attendee survey.
The session opened by distinguishing exposure management from traditional vulnerability management. Tyler Shields explained:
“Exposure management is the maturation of vulnerability management… It's understanding risk, business context, and prioritizing accordingly.”
Rather than focusing solely on patching, exposure management is about knowing what to fix, why it matters, and who owns it and doing it continuously.
Visibility was a central theme throughout the session. Jane Man noted:
“A lot of the customers we talk to still struggle with just identifying what they have.”
This challenge was echoed in the post-event survey, where 53% of respondents cited identifying unknown assets as the top challenge in their exposure management programs.
Tyler added:
“You can’t protect what you don’t know about. And you certainly can’t prioritize it.”
Prioritization remains a major hurdle for many organizations. Jamie Douglas stressed that severity alone isn’t enough:
“You can have a critical vulnerability on a printer, but if it’s segmented and not internet-facing, is it really a priority?”
The team emphasized the importance of integrating business impact, asset criticality, exploitability, and ownership into the prioritization process.
“If you don’t tie risk to business context, you’re just chasing numbers,” Tyler noted.
A powerful moment in the session came when the panel discussed collaboration across functions. Jane shared:
“Security doesn’t operate in a vacuum. You need buy-in from engineering, cloud, compliance - everyone has a role in risk reduction.”
Without shared language and unified dashboards, visibility doesn’t translate into action. The speakers urged teams to build bridges with IT and DevOps to ensure findings are actually resolved, not just reported.
In the survey, only 18% of respondents said their organizations integrate threat intelligence into exposure management “very effectively”, highlighting a clear opportunity to improve how teams prioritize risk with real-time context.
This stat reinforces the panel’s broader message: that exposure management isn’t a point-in-time project — it’s a continuous, evolving practice.
For a deeper dive into the frameworks, real-world examples, and exposure strategies discussed in this session, watch Risk Revolution on demand.
One of the most actionable sessions at the Take Command 2025 Virtual Cybersecurity Summit came directly from the field. In a panel hosted by Aniket Menon, VP of Product Management at Rapid7, security leaders from Cross Financial Corp, Phibro Animal Health Corporation, and Miltenyi Biotec shared how they’re evolving vulnerability management into a proactive exposure management strategy.
With real-world examples, team metrics, and shared challenges, the panel offered practical advice for teams ready to modernize their approach and reduce risk with more focus and confidence.
Panelists agreed: traditional vulnerability management practices can’t keep up with today’s dynamic, hybrid environments. To stay ahead, security teams must shift toward continuous exposure assessment - building context around vulnerabilities and aligning efforts with business priorities.
As one attendee later shared in our post-event survey:
“Moving from vulnerability management to exposure management isn’t just a process change - it’s a mindset shift. It forces us to be more proactive.”
This takeaway aligns with broader findings from the summit survey, where 64% of respondents identified exposure management as a top priority for improving their detection and response strategies.
Volume isn’t the issue - context is. The panel emphasized that real risk reduction happens when teams align remediation priorities with asset value, exploitability, and operational relevance. That means:
Despite tool investments, many organizations still struggle with asset discovery and visibility. In fact, 53% of survey respondents said identifying unknown assets is the most challenging part of exposure management.
As Edward Chang, Senior Manager of Cybersecurity and Compliance at Phibro Animal Health Corporation, explained during the panel:
“No one has 100% visibility. But if we can improve what we see and give that context to the right teams, we’re already ahead of where we were last year.”
The session encouraged using telemetry, automation, and unified data views to close gaps across environments.
A recurring theme across the panel was the need for collaboration between security, infrastructure, and engineering teams. Effective exposure management doesn’t just rely on the right data — it depends on the right relationships.
Security teams must be integrated into how organizations build, deploy, and operate — not treated as a separate or downstream function. Building that alignment means treating security as an enabler, not a roadblock.
Beyond technology, the session also addressed ownership and accountability. Security leaders must not only flag risk — they must clearly assign and communicate responsibility. As attack surfaces expand and teams diversify, the ability to coordinate across functions becomes even more critical.
If you're looking to strengthen your vulnerability management program or build a more proactive exposure management strategy, this session offers a roadmap shaped by real-world experience.
The Take Command 2025 Virtual Cybersecurity Summit wasn’t just about sharing insights, it was about listening. After the live sessions wrapped, we surveyed attendees to understand where their security programs stand today, what challenges they’re facing, and what they found most valuable during the event.
Now, we’re excited to share those insights in a new downloadable infographic - The Take Command: Pulse of the Industry Survey, capturing the state of exposure management, AI adoption, MDR maturity, and more.
Here are a few standout takeaways from the survey, and where to dive deeper in the sessions on demand.
80% of respondents said they have confidence in their ability to respond to cyber risks through their exposure management program, and 60% reported successful integration of EM into their broader security workflows.
But the day-of survey showed a more nuanced reality. More than half of respondents cited “identifying unknown assets” and “monitoring third-party risk” as the top challenges in their exposure programs.
To explore solutions and strategies, check out Risk Revolution: Proactive Strategies for Exposure Management.
58% of respondents rated their detection and response capabilities at 4 or 5 out of 5, and most teams using MDR cited a need for 24/7 monitoring and support for under-resourced teams. But 21% rated their confidence at 3 or below, indicating that making the right choice in MDR partner is critical.
In sessions like Inside the SOC and Demystifying Cloud Detection & Response, Rapid7’s teams shared real-world threat hunting stories and cloud-centric detection tactics to help close the gap.
Generative AI was one of the most discussed topics across the day — and for good reason. 50% of respondents said they were “very” or “extremely concerned” about adversaries using AI to enhance cyber attacks. Yet 36% of respondents say they’re not currently using Generative AI in their own security operations, citing barriers like tool integration, cost, and lack of skilled personnel.
For those navigating this space, AI in Action and Rise of the Machines both delivered practical examples of how teams are using AI responsibly to improve triage, detection, and response — while setting the necessary guardrails for safe adoption.
Take Command 2025 drew more than 2,200 live attendees, with on-demand views continuing to grow — and the feedback was clear: the content delivered. 67% of survey respondents rated the speakers as “Excellent”, with similarly high marks for session content and delivery.
When asked about their biggest takeaways, attendees consistently highlighted:
Attendees also appreciated the balance of voices, with one noting:
“Good mix of internal and external resources that knew what they were talking about and how to deliver it to a wide audience.”
Another shared:
“I didn’t think Rapid7 could improve its ability to unify information — but the new Exposure Command solution has done just that.”
From the depth of expertise to the variety of session formats, the summit resonated with attendees across roles, regions, and industries.
Want a deeper dive into the data? Download the full Take Command: Pulse of the Industry Survey infographic to explore:
Whether you missed the live event or want to explore specific topics in more detail, every session from Take Command 2025 is now available to watch on demand.
Login