If RSAC 2026 proved anything, it’s that the cybersecurity vendor market is not short on solutions. It’s short on clarity, according to a new report from Andy Ellis, CEO and Principal of Duha, Inc.
Across 607 vendors observed on the show floor, 37% referenced AI directly in their booth messaging, with another large subset leaning into “agentic” language. The result wasn’t innovation on display, but saturation. AI has become less of a differentiator and more of a baseline expectation, with many vendors simply layering it into existing offerings or using it as a veneer for legacy capabilities.
Bill Brenner
In many cases, this bordered on outright AI-washing. Vendors cited AI risks in third-party ecosystems, added LLM-based assistants to existing platforms, or simply acknowledged AI-driven threats without materially changing their product. The signal-to-noise ratio suffered accordingly.
Meanwhile, the areas attracting the most vendor density — Application Security, Identity, and Security Operations — highlight where the industry continues to struggle. These were the most crowded categories on the floor, reinforcing a familiar pattern: the biggest markets are often the least solved. Identity, in particular, stood out as both critical and chaotic, spanning everything from IAM and MFA to non-human identities and AI agents.
The category breakdown underscores this fragmentation. Application security alone accounted for 98 vendors, followed closely by Identity (82) and Operations (61), while newer or more niche areas like OT security remained comparatively underrepresented. This imbalance reflects both buyer demand and vendor opportunism — everyone is chasing the same crowded problems.
Even more telling: nearly 8% of booths failed a basic test — an informed practitioner couldn’t tell what the company actually did based on booth messaging alone. That’s not a branding issue, but a market failure.
Then there’s the subtle stuff. Only 4% of vendors used the term “enterprise,” and just 9% leaned into “platform.” Those declines suggest a shift away from monolithic positioning toward more fragmented, feature-driven messaging —ironically making it harder for buyers to understand how solutions fit together.
The takeaway: vendors are building in the right areas, but they’re talking about them in ways that obscure value rather than clarify it.
Michael Farnum
View from the Floor — Lead Gen Theater Over Buyer Education
If the vendor landscape tells you what companies are building, the expo floor tells you how they’re selling it, and that’s where things get more concerning.
The RSAC show floor in 2026 felt less like a marketplace of ideas and more like a lead-generation machine. Booth design, messaging, and engagement tactics were overwhelmingly optimized for one thing: badge scans.
Roughly 10% of booths offered so little meaningful content that even a seasoned attendee couldn’t determine what the vendor did. And in some cases, that ambiguity appeared intentional, especially for well-known vendors trying to reposition beyond their core offerings.
The dynamic mirrors what Ellis describes as a “Halloween” model of engagement: attendees trade personal data for swag, with vendors maximizing touchpoints regardless of buyer intent or qualification. The goal isn’t education, but volume.
Design choices reinforced this. About 5% of booths leaned heavily into themed experiences—castles, forests, movie sets—often at the expense of explaining the product. While some executions aligned with messaging, many did not, creating a disconnect between spectacle and substance.
In extreme cases, vendors managed to combine both problems: over-the-top design with zero clarity.
Even booth staff behavior reflected this imbalance. Smaller booths were more likely to actively engage passersby, while larger, more expensive installations often relied on passive attraction, assuming that brand recognition or visual impact would do the work.
Then there’s the more uncomfortable reality: aggressive lead capture tactics. Reports of non-consensual badge scanning and scripted, one-track pitches point to a persistent gap between how vendors approach the floor and how buyers want to engage.
The irony is hard to miss. At a conference filled with security professionals — people tasked with protecting identity, privacy, and trust — vendors are still defaulting to tactics that undermine all three.
Final Takeaway: A Market That’s Growing But Not Maturing
RSAC 2026 paints a clear picture of a cybersecurity market that is expanding rapidly but struggling to mature in how it communicates value.
AI has become ubiquitous but diluted. Core problem areas like identity and application security remain overcrowded and under-resolved. And the primary venue for vendor-buyer interaction — the expo floor — continues to prioritize lead generation over meaningful engagement.
For security buyers, this means more work: more noise to filter, more overlap to untangle, and more skepticism required when evaluating vendor claims.
For vendors, the opportunity is equally clear: the winners won’t just be those who build better technology — they’ll be the ones who can explain it.
Because right now, that’s the real gap on the show floor.
