RSAC Conference 2025: Innovation Sandbox Turns 20
RSAC Conference 2025 started off strong last Monday morning with the 20th annual Innovation Sandbox competition. For those unfamiliar with the competition, 10 emerging cybersecurity companies give a 3-minute pitch to a panel of judges, who ask questions and then select a winner and a runner-up.
Since the start of the contest, the finalists have collectively seen over 90 acquisitions and over $16.4 billion in investments. Starting this year, the 10 finalists will each receive a $5 million uncapped simple agreement for future equity (SAFE) investment provided by Crosspoint Capital Partners (owner of the conference) to further develop their offering. An uncapped SAFE investment means that the investor’s SAFE note does not have a maximum valuation cap, so there is no predetermined limit on how high the company’s valuation can be when the SAFE converts into equity at the next funding round. It’s not clear what strings may be attached to the investment and whether startups can refuse the investment and still participate in the competition. One small company we spoke with during RSAC 2025 (not an Innovation Sandbox finalist) admitted that its existing investors were nervous about the potential SAFE investment.
AI, Firmware, And Vulnerability Management
This year’s entrants (Aurascape, CalypsoAI, Command Zero, EQTY Lab, Knostic, Metalware, MIND, ProjectDiscovery, Smallstep, Twine Security) represented a range of cybersecurity categories covering several different use cases and problem sets for security leaders. However, there were few “category-creating” vendors in the contest this year. Instead, most of the vendors seemed to represent possible features (or products) for platform vendors to snag via acquisition. As expected, agentic AI was commonly referenced both as innovative and a shortcut to scale for vendors.
During the break, while the judges deliberated, we tried to predict the likely winner. Many of us liked Smallstep’s pitch around device attestation but didn’t think the judges would pick it. EQTY Lab (verifiable AI agents) also got some votes. Heidi and Jeff both chose ProjectDiscovery, the eventual winner, in their top three.
ProjectDiscovery, pitching open-source vulnerability detection, benefits from a built-in customer base due to its community model. The company’s pitch repeatedly compared itself to “20-year-old technology” and argued that advances in posture management and attack surface management don’t help with the actual problem in vulnerability management: prioritization. ProjectDiscovery contends that its ability to test exploitability — based on its templates — is the difference maker compared with legacy solutions, because that element dictates whether remediation of a vulnerability should be prioritized.
Companies Or Features?
At the start of this year’s Innovation Sandbox, Dr. Hugh Thompson, executive chairman of RSAC and chairman of the RSA Conference Program Committee, displayed a list of 200 companies that were finalists over the past 20 years. The list included several — Abnormal, Axonius, Enveil, Sonatype, Yubico — that remain standalone players in the security space. By contrast, this year’s 10 contenders and their succinctly pitched offerings seemed more like glorified features and less like fully baked companies. We expect the majority of 2025 finalists to be acquired and bolted onto existing tools and platforms in the next 18 to 24 months. The winner, ProjectDiscovery, seemed the most likely of the bunch to remain a standalone company.
One challenge in the Innovation Sandbox is that it’s not clear how much relative weight the judges assign to the quality of the pitch, the overall market opportunity, or how innovative the company or product is. Some pitches were very direct about the problem and backed up their assertions with data. Others struggled to answer questions about what problem they solved or how they brought their niche product to market. In one case, it took 2 minutes (of a 3-minute pitch) for the speaker to explain what the product was.
As for innovation:
- ProjectDiscovery is game-changing in that it checks a lot of boxes for doing something differently to address a clear pain that has existed for a while, prioritizing vulnerability management according to what is truly exploitable. It also follows a previously successful model by blending open source, community effort, and enterprise support common in tech startups.
- EQTY Lab and Smallstep are game-changing in different ways, addressing emerging problems or introducing new technologies to solve perennial problems. EQTY Lab focuses on establishing trust in AI agents so that they can run safely and at scale. Smallstep offers an approach to device attestation using the ACME protocol to help fight phishing and exfiltration. Additionally, both startups developed a groundswell of support from major cloud providers and device manufacturers, respectively, lessening tech adoption friction.
- Knostic and CalypsoAI both tackle problems related to widespread adoption of enterprise AI for internal and external users, in different ways. Knostic approaches the problem of AI oversharing by applying need-to-know principles to what an assistant may reveal, but it also helps by suggesting alternative information rather than simply blocking users. CalypsoAI’s agentic warfare solution is a continuous way to evaluate the security of AI systems, adapting and refining its approaches with agentic AI.
- Command Zero impressed with its presentation about agentic AI in security operations. The 3-minute pitch demonstrated that the company understands the problems, vocabulary, and needs of security operations practitioners.
- Two entrants looked to reinvent data loss prevention (DLP) in different ways. MIND’s pitch of a DLP platform lacked detailed metrics or quantifiable gains over today’s solutions. Aurascape’s message of innovating fearlessly didn’t match the solution, which focused on AI application discovery and DLP-esque use cases.
- The remaining entrants also left us with questions about their barriers to entry. Metalware pitched a binary fuzzer to find security flaws in firmware. Fuzzing is a common approach in the IoT and OT security world, but the vendor will have to navigate a crowded supply chain security market, as the judges also pointed out. Twine Security introduced AI digital employees and provided some solid metrics on time saved, but the questions of accountability, governance, and trust must be addressed more directly.
A few companies featured in the Innovation Sandbox reflected emerging technologies featured in Forrester’s report, The Top 10 Emerging Technologies In 2025, such as IoT security and agentic AI. Forrester clients should check out that report and schedule an inquiry or guidance session with us to learn more.