The Sandbox Unleashed: Top 10 RSAC Finalists Where AI Fuels Security Innovation

RSA Conference has announced the Top 10 Finalists for its 20th annual RSAC™ Innovation Sandbox contest. From securing LLM’s to embedding AI agents into everyday security workflows, these companies are redefining what’s possible. Each finalist will receive a $5 million investment to advance their cybersecurity innovations. ​

These finalists will present their solutions on April 28 at the Moscone Center in San Francisco, competing for the title of “Most Innovative Startup.” This year’s panel of esteemed judges includes industry leaders such as David Chen from Morgan Stanley and Dorit Dor from Check Point Software Technologies.

Here’s a look at the 10 finalists making waves at RSAC — and why you should have them on your radar.

1. Aurascape

Aurascape platform equips security and AI leaders to enjoy full potential of AI with the tools they need to embrace AI confidently, mitigating the risks of unchecked generative AI and autonomous agents.

2. CalypsoAI

CalyposAI’s Inference platform secures AI applications and agents and offers runtime defenses, agentic red-teaming, observability, and governance. Inference platform is designed for enterprises looking to scale AI without compromising safety.

3. Command Zero

Command Zero is revolutionising security operation with autonomous investigations. By helping analysts quickly run advanced investigations and threat hunts in complex environments quickly and efficiently. Command Zero enables expert-level outcomes at scale and slashes mean time to response.

4. EQTY Lab AG

EQTY Lab pioneers trust-first AI governance. Its AI Integrity Suite uses cryptographic proofs to ensure AI agents remain accountable and transparent — with critical applications in the public sector, life sciences, and finance.

5. Knostic

Knostic helps organizations accelerate the adoption of LLMs. With its knowledge-centric access control, companies can innovate using AI while maintaining strong security, privacy, and governance.

6. Metalware

Metalware tackles a traditionally tough problem: securing embedded firmware. Its automated binary fuzzing platform helps enterprises and governments discover vulnerabilities before deployment — securing critical infrastructure at scale.

7. Mind

MIND automates DLP and Insider Risk Management by continuously discovering, classifying, and securing sensitive data. It empowers organizations to fix issues proactively — and prevent data leaks before they happen.

8. ProjectDiscovery

ProjectDiscovery.io is the team behind Nuclei, a fast-growing open-source platform for attack surface monitoring. It helps security teams find and fix vulnerabilities fast — staying ahead of real-world threats with automation.

9. Smallstep

Smallstep brings Zero Trust to life by ensuring only company-owned devices can access sensitive systems. Co-creators of ACME Device Attestation with Google and Apple, they secure everything from Wi-Fi and VPNs to APIs and SaaS apps

10. Twine Security

Twine builds AI-powered digital workers that handle repetitive cyber tasks from end to end. Its first AI employee, Alex, specializes in identity management — closing talent gaps and executing objectives without burnout.

Final Thoughts

These RSAC 2025 finalists proves that the future of cybersecurity is deeply intertwined with AI–not as a threat, but as a force multiplier. Whether it’s securitng the AI itself, automating cyber operations, or building trust into digital systems, these innovators are shaping the future of cybersecurity.

Keep your eye on them — they’re not just finalists, they’re trailblazers.

Follow us on X and Linkedin for the latest cybersecurity news