Last week I attended the RSA Conference (RSAC) Innovation Sandbox for the first time.  Not only was I an attendee, but I also was fortunate enough to host a CTO panel during the event. For those that aren’t aware, the Innovation Sandbox is one of the more popular programs of the RSAC week.  The highlight of the Innovation Sandbox is the competition for the coveted “Most Innovative Company at the RSA Conference” award.  This is basically the information security version of ABC’s Shark Tank.  If you want to learn about the up-and-coming vendors and technologies, this is one place to do it. To participate, companies had to meet the following criteria: 

  • The product has been in the market for less than one year (launched after February 2013).
  • The company must be privately held, with less than $5M in revenue in 2013.
  • The product has the potential to make a significant impact on the information security space.
  • The product can be demonstrated live and on-site during Innovation Sandbox.
  • The company has a management team that has proven successful in the delivery of products to market.

Ten startup firms pitched their offerings to a panel of six judges while Dr. Hugh Thompson (Program Chair for RSA Conference) assumed the role of Ryan Seacrest and hosted the event.  Each finalist had 3 minutes to present to the judges, and this was followed by 2 minutes of judge questions and answers.  The Innovation Sandbox began in 2009 and has grown in popularity ever since. The winners of the Most Innovative Company include: 

A company doesn’t have to win the award to have success; the exposure from being one of the ten finalists can be significant. As one CEO told me last week, “Just because we didn’t win this award, doesn’t mean we won’t be successful.”  Two notable finalists that weren’t crowned the victor had successful exists include:
Update: Here is a recently published video highlighting the event. 
I found that participating in this year's event was invaluable to me as an analyst, but I really feel that practitioners will find it valuable as well.  Next year you should consider attending the Innovation Sandbox to: 
  • Fast-track your knowledge. Let’s face it, most people don’t have time to track startups. I have challenges tracking them, and it is part of my job. Unless you are an enterprise architect, staying on top of the next disruptors is a challenge. When you are just trying to stay above water in your day job, you don’t have bandwidth for these types of extracurricular activities. The Innovation Sandbox judges spent several months reviewing startups and came up with what they felt were the 10 most compelling companies.  They've done the legwork for you; take advantage of it. 
  • Maximize your time at RSAC. How much time do you allocate for meeting with security firms during RSAC? There were 362 exhibitors at RSAC this year; that’s right, 362.  It is no wonder that there were two exhibitor halls set up. There isn’t enough time, caffeine and patience to meet with them all.  The Innovation Sandbox has booths set up where you can meet with the finalists in a far less chaotic environment (No one soliciting you to sit in on a presentation, no boxing ring, no Miss Teen USA or any of the other distractions on the main exhibitor halls.)  If you are interested in a technology space that one of the finalists plays in, you can find out who their competition is and then meet with them as well.  
  • Polish your speaking skills. Trying to condense the value of an offering into 3 minutes is challenging, and pitching to a noted panel of judges is stressful.  As I watched each of the presenters speak I took something away from each to improve my own speaking skills. If you've heard me speak you know I need all the help I can get. Anyone that has to present in their day jobs can take something away from observing the speakers; it is transferable.  How would you approach demonstrating the value of your security team, or job to senior executives within your organization?

Congratulations to this year's winner: RedOwl Analytics.

I look forward to attending next year's event, so if you attend, make sure to say hello.