If you were at RSA Conference last year, you probably remember the goats. Or the puppies. Or the miniature petting zoos. It was a year of “over-the-top” spectacle. A bit of a circus, if I’m being honest.
Coming into RSAC 2026, the vibe shifted. The show floor was noticeably more subdued, and frankly, I welcomed it. The industry seems to have traded the gimmicks for a renewed focus on actual business outcomes.
That’s not to say it was boring. We saw a wrestling ring on the floor, and one particularly creative vendor bought two booths just so one could literally be a giant pointer to the other. But the real “main event” wasn’t the marketing theater; it was the quiet, intense innovation happening in the corners of the Moscone Center.
The Return of Substance (and the Early Stage Expo)
One of my personal highlights was the Early Stage Expo. It wasn’t just interesting because FireTail was in the mix, but because of the way founders are reimagining “old” strategies for “new” problems.
I saw companies building EDR (Endpoint Detection and Response) specifically for AI agents. It’s a fascinating application of a proven cybersecurity strategy to a brand-new attack surface. We also saw a resurgence in “stagnant” categories; new vulnerability management and CSPM (Cloud Security Posture Management) vendors are emerging, proving that even the most established spaces still have room for disruption when the underlying technology (like AI) shifts the landscape.
The Collaboration Paradox: Rhetoric vs. Reality
One thing that still bugs me, however, is what I call the Collaboration Paradox.
The RSA stage is always full of talks about “sharing intelligence” and “working together.” But on the floor? It’s a different story. As vendors, we see the most compelling signals. We see how AI agents are being abused and what specific attack vectors are hitting different surfaces.
Yet, we largely keep that data to ourselves to maintain a competitive advantage. While customers have formed great ISACs (Information Sharing and Analysis Centers), the vendor community is still falling short of the collaboration we publicly champion. We have the data to make everyone safer; we just need the collective will to share it.
The Great AI Split: 50/50
Walking the floor, it was clear that every single booth was talking about AI. But look closer, and you’ll see a 50/50 split in the market:
- Securing AI: Building the guardrails and controls for AI systems.
- AI in Security: Using LLMs and agents to make traditional security tools faster and smarter.
FireTail lives right at the heart of this intersection. As we move from “AI hype” to “AI implementation,” the question isn’t just “Can we use AI?” but “Is our AI posture actually secure?”
Watch: The 5 Layers of AI Security
During the conference, I had the opportunity to dive deep into this topic. My talk, “The 5 Layers of AI Security,” focuses on moving past the buzzwords to a functional framework for protecting the modern AI stack.
We cover everything from the model layer to the prompt and data layers, ensuring that as you deploy these agents, you aren’t inadvertently opening a back door to your most sensitive data.
Access the complete set of slides here.
It was an exhausting, long week. My feet still hurt. But every year, RSAC reminds me why we do this.
I saw friends I’ve known for decades who are still as engaged and mission-driven as they were on day one. Despite the “data hoarding” by vendors, the people in this industry genuinely want to help their customers achieve better outcomes.
We’re at a pivot point in cybersecurity. The spectacle is over; the real work of securing the AI-driven enterprise has begun. See you at the next one!
*** This is a Security Bloggers Network syndicated blog from FireTail - AI and API Security Blog authored by FireTail - AI and API Security Blog. Read the original post at: https://www.firetail.ai/blog/beyond-the-spectacle-rsac-2026-and-the-5-layers-of-ai-security