Every year, RSA brings together the sharpest minds in cybersecurity. Whether you attend for the talks, the tech, or the hallway conversations, it’s always worth the trip. It’s one of the few places where you can sense the real-time pulse of the ecosystem – what’s changing, what’s sticking, and what’s just noise.

Saaya Pal, Aqil Pasha, and Robb Hutchins will be on the ground all week, catching up with old friends, meeting new ones, and welcoming both to our CISO Speakeasy Happy Hour. As always, we’re coming in hot with a lot of curiosity and a few big questions. Check out what we’re thinking about below and drop us a line if you’d like to meet up.

Questions we’re asking at RSA

How will the software supply chain stay intact as open source sprawl expands?

CI/CD pipelines are more exposed than ever, and SBOMs alone won’t solve for trust and transparency. We’re curious how development platforms will evolve to embed security earlier and deeper in the build process.

Can AI-powered SOCs finally get ahead of alert fatigue and tool fragmentation?

SOCs are overwhelmed — too many alerts, too few analysts, and an increasingly fragmented tooling ecosystem. AI has potential to reduce noise and improve triage, but how will that play out in practice?

What happens when Splunk becomes too expensive to justify?

Between Cisco’s acquisition of Splunk and growing pushback around cost and complexity, there’s a clear appetite for alternatives. Cribl has proven the case for unbundling — who else is rethinking the stack?

Will Security Data Lakes actually solve for SIEM fatigue?

Traditional SIEM architectures tie storage and analytics together, limiting flexibility and driving up costs. We’re paying attention to how SDLs decouple those elements — and whether they deliver on deeper analytics and faster detection.

How will identity management adapt to the rise of bots, APIs, and agents?

Non-human identities are multiplying rapidly, creating new blind spots. From IoT devices to autonomous agents, we’re interested in companies rethinking identity frameworks beyond the human user model.

What’s the new normal for observability and incident response?

Coming out of SRECon, it’s clear that default tools like Datadog and PagerDuty aren’t meeting every team’s needs. We’re looking for platforms that bring flexibility and real problem-solving to the growing responsibilities of SREs.

How does data infrastructure need to evolve to support real-time AI agents?

As agents become more prominent, infrastructure must keep up. From state durability to real-time streaming, we’re asking what the next-gen data stack should look like — and what foundational changes might be required.

Come say hi (or grab a drink)

We’re co-hosting a happy hour with our portfolio company, Prompt Security and friends at Ridge Ventures on Monday, April 28th at House of Shields. Stop by for strong drinks and even stronger conversations, register here.

During the week, you’ll find us in and around Moscone Center, catching talks and side events. If you’re around and want to connect, shoot us a note:

• Saaya Pal
• Aqil Pasha
• Robb Hutchins

This article is for informational purposes only and does not constitute investment advice. Saaya Pal, Aqil Pasha, and Robb Hutchins are affiliated with Jump Capital and the expressed herein represent the opinions of the authors and Jump Capital. Jump Capital may have investments in or pursue investments in the cybersecurity sectors and companies discussed. References to specific companies do not constitute investment recommendations.