Cybersecurity startup competitions like RSAC Innovation Sandbox, Black Hat Startup Spotlight, and GISEC Cyberstars are more than just exposure — they’re credibility accelerators. Winning (or even placing) can unlock investor attention, strategic partnerships, and top-tier talent.

This reflection is grounded in close collaboration with founders, investors, judges, and participants across these competitions — not just to summarize what works, but to spotlight what actually moves the needle.

Whether it’s a live pitch, pre-recorded video, or on-stage demo, in just a few minutes you’re not just presenting your product — you’re making your story resonate.

As Ofer Maor, Co-Founder and CTO of Mitiga and a Top 10 RSA finalist, put it:

“Treat it like an investor pitch — but with a stronger emphasis on innovation and differentiation.”

You’re pitching to experts — not generalists. Judges at competitions like RSA, Black Hat, and GISEC GLOBAL are typically seasoned investors, technologists, and operators. They’ve seen countless pitches and know how to separate signal from noise. Here’s what matters:

✅ Do highlight what makes you fundamentally different

✅ Do acknowledge tradeoffs or known gaps — it shows awareness, not weakness

✅ Do make it clear who your buyer is and what conversation you’re part of

✅ Do make the problem you’re solving obvious — what’s broken, for whom, and why now

❌ Don’t use generic claims like “security is important” or “the market is huge”

❌ Don’t position by discrediting competitors

❌ Don’t default to buzzwords and jargon; clarity always wins

❌ Don’t rely solely on external market stats — ground your projections in real factors like your pricing model, traction to date, and the number of companies that match your target customer profile.

What they’re looking for is depth, clarity, execution — and something that doesn’t fit the mold.

1️⃣ Problem Statement — Start with the problem you are trying to solve; frame it using recent incidents, industry reports, or stats that reflect its severity, and use headlines or credible third-party data to establish urgency and relevance.

2️⃣ Strategic Framing — Clarify what you’re solving that is different from existing solutions (this is key to be considered an innovation); clearly position your approach versus existing players and explain what makes your solution fundamentally different — not just better — and why that matters now.

3️⃣ Visual Storytelling — Use visualization of what you are saying and tailor the medium — slides, video, or live presentation — to reinforce the message; include diagrams, market maps, or segmentation visuals to show where your product fits and help the viewer quickly understand scope, domain, and your angle.

4️⃣ Need for Change — Explain why this problem can’t be solved by simply extending existing tools. Highlight shifts in threat models, customer expectations, workflows, or market dynamics that call for a new approach. Stay focused on the gap, not the competitor — your goal is to spotlight unmet needs, not to critique others.

5️⃣ How We Solve It — Transition from the problem into your core proposition; end with a crisp value line: “Here’s what we’ve built to change that.”

6️⃣ Product Demonstration — If the competition allows a video or longer format, a strong demo is your best proof of value. Show the product in action — highlight real workflows, key interactions, and outcomes to make it feel usable and grounded. For live pitches, use clear visuals or examples to hint at depth without relying on a full walkthrough. Close with a quick look at what’s next — even a simple roadmap glimpse helps convey direction and long-term thinking.

7️⃣ Demonstrated Innovation — Leverage the product to demonstrate your innovation and how it solves the problem and need you presented; showcase a capability that didn’t exist before — such as novel detection logic, correlation methods, or automation techniques that change how the problem is addressed.

8️⃣ Unique Capabilities — Try to demonstrate at least one or two unique features that highlight value and innovation; zoom in on something only your product can do — a specific feature, UI pattern, data model, or response path that truly stands out.

9️⃣ User Impact vs. Competitors — Highlight how your platform improves on existing solutions and enhances the user’s workflow. Focus on outcomes — faster action, broader coverage, fewer clicks — and emphasize seamless integration to reduce friction, support compliance efforts, and align with broader operational frameworks without adding another silo to the stack.

🔟 Team Snapshot — Keep this section short and visual; include headshots, quick bios, and clear roles. Show why your team is best suited to solve this problem — whether through shared experience, relevant domain expertise, or a proven track record of execution.

1️⃣1️⃣ Market Validation — Showing traction is important — it signals both demand and value. Keep it short but meaningful: include logos, testimonials, design partners, or pilot wins — and, if time allows, highlight key measurable outcomes that reinforce fit and impact (e.g. reduced response time, increased coverage).

Cybersecurity continues to stand out as one of the few tech sectors gaining real traction. In Q1 2025, VC-backed cyber startups raised over $2.7 billion — a 29% increase from the previous quarter — even as overall deal volume declined.

This growth reflects a broader rebound: global venture capital investment rose nearly 7%, from $118B in Q4 2024 to $126B in Q1 2025. Notably, over 60% of deals globally were in early-stage rounds, underscoring investor appetite for fresh innovation — particularly across AI, security, and defense-aligned sectors.

Major exits like Google’s $32B acquisition of Wiz have reignited investor interest in companies that deliver real, differentiated value. AI is playing a central role in this resurgence, with automation and intelligent workflows emerging as core themes driving both attention and funding.

For early-stage founders, that makes these competitions more than a spotlight — they’re a launchpad for breakout visibility and serious capital.

That momentum was unmistakable at RSA Conference 2025, where 7 out of 10 Innovation Sandbox finalists focused directly on AI security. From runtime agent defense (CalypsoAI), autonomous investigations (Command Zero), and AI guardrails (Aurascape) to novel approaches in LLM access control (Knostic) and AI behavior verification (EQTY Lab), this year’s lineup wasn’t just AI-powered — it was AI-centric. ProjectDiscovery which won both the RSAC Innovation Sandbox and Black Hat Asia Startup Spotlight, stood out for its use of AI to accelerate vulnerability detection — automating the creation of detection templates for newly disclosed CVEs and emerging threats. Its open-source tooling and cloud platform help teams identify and remediate security flaws faster.

Generative AI, cybersecurity, and cloud solutions are poised to drive growth by 5.6% in 2025, up from 4.6% in 2024 — Forrester

These trends reflect a broader shift. Investors are increasingly backing startups that don’t just use AI, but secure it, govern it, or rethink how it’s deployed. That momentum is showing up in other industry events too — like the SC Media Awards, which added an AI/ML security category (won by Onyxia Cyber and Sumo Logic), the European Cyber Security Organisation (ECSO)’s STARtup competition, awarded to ONEKEY, and the Defense Advanced Research Projects Agency (DARPA)’s AI Cyber Challenge, where seven finalist teams composed of experts across academia and industry — including Shellphish, Trail of Bits, and Theori — are designing novel cyber reasoning systems (CRS) incorporating cutting-edge large language models to automatically find and patch vulnerabilities in open source software. Their work will be showcased at DEF CON 33 in August 2025.

🙏 Thanks to Jonathan Ong, Robin Vann, Laura Lees, Agnidipta Sarkar, Rishabh R Gaikwad, Junior Santos, Lucas Nelson and others who shared feedback but chose not to be named.

Black Hat USA 2025 Startup Spotlight Competition — August 2–7 | Mandalay Bay, Las Vegas (For additional details, reach out to Brittany Buza)

For a deeper dive into how public cybersecurity companies are performing across AI capabilities, solution categories, and M&A trends, check out the GitHub project: Awesome Business of Cybersecurity

If you’re a founder considering one of these competitions — or an investor evaluating promising solutions — I’m happy to connect. You can book a time here.

You’re also welcome to join the AI Security Hub, a community exploring the intersection of AI and cybersecurity.