Welcome back to The Trident Radar!

With RSA Conference just two weeks away, this week's newsletter is all about what's coming. We're breaking down all ten Innovation Sandbox finalists, what they tell us about where the industry is headed, and giving you a survival guide for navigating the Moscone madness.

On the deal front, a quieter week overall but notable moves: Cylake emerged from stealth with a $45M seed (Greylock), Evervault raised $25M for payments security, and Reclaim Security grabbed $20M for cloud asset management. Meanwhile, StrongDM is heading to PE via Thoma Bravo, and OneSpan picked up Build38 to bolster mobile app protection.

Let's get into it.

Taking a stroll back in time, Josh Keeley is joined by Matt Hartley, Co-Founder of BreachRx, the first intelligence incident response platform, showcasing the market disruptors at RSA 2025.

What has changed this year?

Insider Insight: The CISO's RSA Survival Guide
Company Spotlight: Token Security

13 days until RSA Conference!

Ten companies. Five minutes each. One winner. The Innovation Sandbox has been the industry's premier startup showcase since 2005, launching companies like Phantom (acquired by Splunk), Apiiro, Abnormal Security, and Wiz.

This year's finalists tell a clear story about where the market is headed: AI agents are everywhere, social engineering is back in focus, and code security is getting smarter. Here's the full rundown:

Token Security
Non-human identity security for the agentic AI era. Discovers, manages, and governs every AI agent and machine identity across the enterprise. With AI agents proliferating faster than security teams can track, Token is betting that NHI governance becomes as critical as human IAM. See Company Spotlight below.

Geordie AI
Security and governance platform purpose-built for AI agents. Provides real-time visibility into agentic footprint, observes agent posture and behaviour, and identifies risk within agents. If Token Security is about identity, Geordie is about behaviour.

Realm Labs
Lets enterprises see inside AI's "brain" during inference. Monitors AI thoughts in real-time, catches misbehaviours as they happen, and acts before they cause harm. The interpretability play for enterprise AI safety.

Charm Security
Agentic AI workforce purpose-built to prevent scams, social engineering, and human-centric fraud. Blends deep fraud expertise with behavioural psychology for real-time prevention, intervention, and resolution. Fighting AI-powered scams with AI-powered defence.

Humanix
Conversational AI trained on cognitive psychology to detect and respond to manipulation, deception, and impersonation as they happen. Social engineering detection at the conversation layer.

Clearly AI
AI-powered security reviews replacing manual work. Automates threat modelling, design reviews, and risk triage by pulling context from where teams already work. The "AI security engineer" for every development team.

Crash Override
Embeds in CI/CD to capture build execution data that APIs can't access. Automated SLSA Level-2 compliance, complete provenance tracking, and certificate management. Software supply chain security through build-time visibility.

ZeroPath
Replaces traditional SAST, SCA, Secrets, and IaC stacks with a single AI-native engine. Detects complex business logic flaws and chained vulnerabilities that legacy tools miss. The consolidation play for code security.

Glide Identity
Next-generation authentication for the AI era. Verifies users instantly without passwords or SMS codes using cryptography, telco network intelligence, and device-level trust. Passwordless auth that actually works.

Fig Security
Security Operations Resilience. Keeps detection and response working through constant change. Finds and fixes broken security flows across the SecOps stack, simulates and deploys changes. The DevOps for SOC play.

The Harlequin (March 23 and 25) 9am-4pm on Monday and Wednesday. Ocean Security, Tidal Cyber, and Reveal are sponsoring.

Cyber Startup Expo (March 23) We're sponsoring alongside Dreamit Ventures, Blu Ventures, DataTribe, and Carnegie Mellon CyLab. Charlee Ryman will be moderating a panel on leveraging the channel. Great BD opportunity to meet early-stage founders.

Cyber VIP Reception (March 23, 5-8pm) 680 Folsom Street. Co-hosted by Merlin Ventures, Evolution, and Lightspeed. We're one of the sponsors alongside AWS and Davis Polk.

CISO Karaoke Yes, it's happening. Our digital ad van will be circling San Francisco on Monday promoting the event. If you see it, grab a photo.

If you're heading to RSA and want to connect, drop us a line at [email protected].

Cylake
Seed - $45M (Greylock)
AI-native cybersecurity platform providing data-sovereign security architecture for highly regulated organisations. End-to-end security visibility across enterprise systems while keeping full control of data. Big seed for a stealth company.

Category: AI-Native Security / Data Sovereignty
HQ: Sunnyvale, CA

Evervault
Later Stage VC - $25M (Index Ventures, Kleiner Perkins, Sequoia Capital, Ribbit Capital)
Payments security platform protecting and processing sensitive payment data. Encryption, tokenisation, secure enclaves, and developer APIs for PCI-compliant workflows.

Category: Payments Security / Data Protection
HQ: Dublin, Ireland

Reclaim Security
Series A - $20M (Acrew Capital, Ibex Investors, QPVentures)
Security platform simplifying digital asset management across cloud environments. Centralises asset visibility, identifies security risks, and prioritises critical vulnerabilities.

Category: Cloud Asset Management / Risk Management
HQ: Tel Aviv, Israel

Circadence
Later Stage VC - $16.4M (Seneca Partners)
Cyber training and education platform developing cybersecurity skills and competencies for novice and seasoned professionals.

Category: Cybersecurity Training
HQ: Boulder, CO

ArmorCode
Later Stage VC - $16M (Ballistic Ventures, Highland Capital Partners, Sierra Ventures, NGP Capital)
AI-powered application security posture management (ASPM) platform. Integration with security tools, automated risk prioritisation, and AI-driven remediation workflows.

Category: ASPM / Application Security
HQ: Palo Alto, CA

Cybervergent
Seed, $3M (Atlantica Ventures, Ventures Platform)
Digital security automation using AI, automation, and compliance frameworks. Cyber operations, security engineering, and digital forensics services.

Category: Security Automation
HQ: San Jose, CA

Surveily AI
Later Stage VC - $2.98M (Look AI Ventures, Momenta Ventures)
Centralised computer vision technology for OHS supervision. Integrates with existing CCTV to detect threats in real-time using AI.

Category: Computer Vision / Physical Security
HQ: Wroclaw, Poland

Artiphishell
Series A -$1.5M
AI-based application security technology for vulnerability identification. Ingests alerts from security tools, filters false positives, verifies exploitability, generates validated patches.

Category: AppSec / Vulnerability Management
HQ: Santa Barbara, CA

Build38 → Acquired by OneSpan (NAS: OSPN)
Deal Type: Merger / Acquisition
Deal Date: March 2, 2026
Deal Size: Undisclosed

StrongDM → LBO by Thoma Bravo, Insight Partners, TPG
Deal Type: LBO
Deal Date: March 5, 2026
Deal Size: Undisclosed

You've booked the flights. You've got 47 vendor meetings scheduled. Your calendar looks like a game of Tetris. Welcome to RSA Conference 2026.

After years of watching security leaders stumble through Moscone like zombies by Wednesday afternoon, we've compiled the definitive survival guide. Print this out. Laminate it. Tattoo it on your forehead.

The Physical Game

Shoes matter more than your keynote attendance. You will walk approximately 47 miles over four days. Those dress shoes you packed? Leave them at the hotel after day one. Nobody is judging your trainers. Everyone is judging whether you can make it to the 4pm meeting without limping.

Hydration is not optional. The Moscone air conditioning is designed to desiccate human beings. Carry water. Drink water. Become water. The fancy coffee from the expo floor does not count as hydration, despite what your body is telling you at 3pm.

The protein bar in your bag is not lunch. It's emergency rations. Eat actual food. Yes, you'll miss 15 minutes of booth-hopping, no, you won't remember anything from that time anyway because your blood sugar was at cave-person levels.

The Social Game

Have your "what do you do" answer ready. You will be asked this 200+ times. Have versions for: fellow practitioners (technical), vendors (brief), executives (strategic), and confused Salesforce conference attendees who wandered into the wrong building (very brief).

The badge scan is a contract. Every time you let someone scan your badge, you're agreeing to receive emails until the heat death of the universe. Scan strategically. Or don't complain in April when your inbox is 40% "Great connecting at RSA!"

Your LinkedIn will explode. Accept this. The connection requests will flow. The InMails will multiply. You will receive pitches from vendors you definitely did not visit. This is the circle of life.

The Vendor Game

Nobody needs another stress ball. Or branded socks. Or USB drives from 2019 that your security policy won't let you plug in anyway. The swag bag gets heavy. Be selective. Aim for the actually useful stuff (portable chargers, good notebooks) or the genuinely absurd (we've seen inflatable flamingos, complete LEGO sets, and once, inexplicably, a live succulent).

The demo you see is not the product you'll buy. Every demo environment is running on pristine data with zero edge cases. Ask about implementation timelines. Ask about the last failed deployment. Watch their faces.

"We should grab coffee" means nothing. Unless you put it in the calendar right now, it's not happening. RSA coffee invitations have a half-life of approximately 4 hours before they dissolve into the ether of good intentions.

The Content Game

Pick two keynotes maximum. The rest you'll catch on video later (you won't) or hear about from colleagues (you will). Use keynote time for vendor meetings when everyone else is distracted.

The best conversations happen in lines. Coffee lines. Badge pickup lines. Bathroom lines. Some of the most valuable intel exchange happens while waiting. Put your phone away. Talk to humans.

Take notes or it didn't happen. By Thursday, every conversation will blur into one long pitch about AI-native zero-trust platforms with agentic capabilities. Write down the three things that actually matter from each meeting. Your future self will thank you.

The Recovery Game

Wednesday night is amateur hour. The people who pace themselves go out Tuesday and Thursday. Wednesday is when everyone hits the wall simultaneously and makes poor decisions at vendor parties.

Your hotel room is not a weakness. Taking 90 minutes mid-afternoon to decompress, catch up on urgent emails, or simply stare at a wall is not "missing out." It's strategy.

Plan your Thursday exit. Book a flight that forces you to leave by 2pm Thursday. You will thank yourself. Everything after lunch on the final day is a wasteland of exhausted vendors, picked-over swag, and conversations nobody remembers.

The Meta Game

Have one specific goal.
"Learn about the market" is not a goal. "Evaluate three CNAPP vendors against our requirements" is a goal. "Find my next three hires" is a goal. "Understand if we should be worried about [specific thing]" is a goal. Everything else is tourism.

The real conference is the side conversations.
The sessions are fine. The expo floor is fine. But the dinner with three CISOs comparing notes on the same vendor? The 20-minute hallway chat that turns into a job referral? That's where the value is.

You will not do everything.
Accept this now. You will miss sessions you wanted to attend. You will skip vendors you meant to visit. You will fail to connect with people you planned to see. This is fine. RSA is not about completeness. It's about the handful of conversations and insights that actually move the needle.

See you at The Harlequin.

The Company

Token Security are building a machine-first identity security platform. The company's platform integrates with identity providers, source code repositories, and secrets managers. Founded in 2023 and headquartered in Wilmington, DE with R&D in Tel Aviv.

Token Security's platform integrates with identity providers, source code repositories, and secrets managers to provide complete visibility into non-human identities. The platform discovers machine identities across the environment, maps their permissions and access patterns, identifies over-privileged or orphaned credentials, and provides governance workflows to remediate risk.

For AI agents specifically, Token provides identity lifecycle management, ensuring agents have appropriate credentials, monitoring their access patterns, and revoking permissions when agents are deprecated or compromised.

The Market

The non-human identity market is early but growing fast. Astrix Security raised $51M in December 2024. Oasis Security raised $75M. The category has clearly caught investor attention, and Token Security is among the leaders.

Token Security raised a $7M seed led by TLV Partners in September 2024, followed by a $20M Series A led by Notable Capital in January 2025, valuing the company at $69M post-money. The company has 48 employees and is generating revenue.

The cap table includes strategic angel Shlomo Kramer (co-founder of Check Point, Imperva, and Cato Networks) and Silicon Valley CISO Investments, suggesting strong practitioner validation.

The Team
Co-founded by Itamar Apelbalt (CEO) and Ido Shlomo (CTO).

Why It Matters
Non-human identity is one of those problems that's been quietly growing while everyone focused on human IAM. As AI agents become standard enterprise infrastructure, the organisations that can govern machine identities will have a significant security advantage. Token Security is positioning itself as the platform to make that possible.

The Trident Take
Token Security hits the timing sweet spot: the problem is becoming urgent, the category is validated but not crowded, and the team has the right backing. Their presence in the RSA Innovation Sandbox finals adds visibility at exactly the right moment. One to watch.

Enterprise Account Executive
💰 $140K base, double OTE
📍 East Coast
An AI SOC platform using autonomous agents to investigate and triage security alerts automatically.
Contact: [email protected]

Enterprise Account Executive
💰 $150K base, double OTE
📍 US
Deception technology vendor trapping attackers and recovering stolen credentials before breach.
Contact: [email protected]

Founding Account Executive
💰 $180K base + lucrative OTE ($500K+ Year 1)
📍 US Wide
Agentic cyber service platform augmenting SecOps with AI digital workers. Land grab opportunity.
Contact: [email protected]

Enterprise Account Executive
💰 $160K-$170K base, double OTE
📍 TOLA or West Coast
Leader in CTEM. Validates exposures, prioritises risk, drives continuous threat exposure management.
Contact: [email protected]

Sales Director
💰 $180K base, $320K OTE
📍 US
Series A continuous pen testing platform combining human experts with automated tools.
Contact: [email protected]

VP Product Management
💰Up to $320K + bonus + equity
📍East Coast US
$150M ARR vendor helping enterprises detect and control malicious bots, fraud, and automated abuse.
Contact: [email protected]

Director of Engineering
💰Up to $250K + equity
📍US Remote
Next-gen SIEM simplifying security operations and improving detection effectiveness.
Contact: [email protected]

Customer Platform Architect
💰Up to £110K
📍 UK Remote
AI-driven cyber threat intelligence platform driving actionable intelligence for security operations and risk decision-making.
Contact: [email protected]

Ready to make your next move? These roles won't stay open long.

Have market intelligence to share? Our network sees deals before they're announced, hiring freezes before they're public, and technology shifts before they hit the headlines.

Send us your tips:

Email: [email protected]
All sources protected. We verify before we publish.