In this CISO Tradecraft episode, G Mark Hardy, Ross Young, and Andy Ellis share RSAC insights from the vendor floor, including Andy’s effort to visit about 607 booths. They highlight dominant themes like AI SOC offerings and agentic/agent security messaging, noting that many booths used unclear marketing or even failed to describe what they do. The discussion critiques activity-based metrics like badge scans, arguing for outcome-focused goals such as awareness, qualified follow-ups, and customer-driven product feedback. They explore how marketing should create informed buyers, how startups should communicate problem, urgency, and differentiation, and how AI and “vibe coding” may pressure vendor pricing or encourage internal tool-building. The episode also covers open-source sustainability and recommends networking via both major conferences and smaller private CISO events.

Take a look at these three helpful RSAC Reviews:

DUHA - https://www.duha.co/reports/state-of-security-vendors-rsac-2026/

VibeCoded - https://vibecoded.vc/cooked/

Jake Epstein's RSA 2026 Startup Landscape - https://jakee.vc/rsa-2026-landscape.html