By the time RSAC 2026 opened, our message centered on how organizations could reduce risk in measurable terms once a breach was already underway. That idea went on to shape the sessions, the demos, the media conversations, and the one-on-one discussions at our booth throughout the week.
Across live demonstrations of the Xshield Enterprise Microsegmentation Platform™, conversations with security leaders, and sessions spanning OT, identity, lateral movement, EDR-led acceleration, and AI-assisted policy design, the same theme kept coming through. Resilience comes from more than seeing risk clearly. It comes from being able to contain blast radius quickly, protect critical operations, and do so without adding disruption to the business.
This wrap-up follows that thread through the week, from the recognition ColorTokens brought into RSAC to the ideas Rajesh Khazanchi shared around breach readiness, and then into the speakers, partners, product moments, and live interactions that kept bringing everything back to measurable risk reduction.
Breach Readiness for Measurable Risk Reduction
Across live demos of the Xshield Enterprise Microsegmentation Platform™, direct conversations with experts across security and product leadership, and one-on-one discussions around architecture, priorities, and risk, the focus has stayed on how organizations reduce risk once a breach is underway.
That message has also been reinforced by the recognition ColorTokens brought into RSAC this week.
Recognition That Carried Into RSAC 2026
ColorTokens is carrying fresh third-party recognition into the week. Recently, GigaOm named ColorTokens a Leader and Outperformer in its 2026 Radar for Microsegmentation, recognizing Xshield as the only vendor to achieve a perfect 5.0 across every key feature category. On March 23 at RSAC 2026, Cyber Defense Magazine also named ColorTokens the “Most Innovative Breach Readiness Solution,” reinforcing the company’s position around breach readiness, containment, and measurable risk reduction.
That recognition also carried onto the show floor, where Dave Burton, VP of Marketing at ColorTokens, was pictured with the award for “Most Innovative Breach Readiness Solution” from Cyber Defense Magazine at RSAC 2026.
Rajesh Khazanchi on Breach Readiness in the Age of AI
Rajesh Khazanchi, CEO and Co-Founder of ColorTokens, joined CyberRisk TV at RSAC 2026 to talk about breach readiness and measurable risk reduction in the age of AI. One of the clearest ideas from that conversation was that cybersecurity today is not only about prevention. It is also about preparedness, resilience, and the ability to contain risk quickly when incidents occur.
As environments become more connected across data centers, cloud, applications, and operational systems, organizations are rethinking how they reduce exposure and limit the impact of potential breaches. That is where a strong Zero Trust mindset and microsegmentation can make a meaningful difference by helping contain threats, protect critical assets, and support business continuity.
The conversation also reinforced another important point: effective security goes beyond checklists. Real progress comes from visibility, validation, and continuous testing so organizations can respond with confidence when it matters most.
That same thinking carried through the week at Booth #1933. It surfaced differently each day, but it always returned to the same ideas of containment, resilience, and measurable risk reduction.
That thread was visible from the start, and it shaped each day of the week in a slightly different way.
Earlier in the Week | Day 2 Highlights at Booth #1933
Day 2 set a strong foundation for the week. Gautam Sinha (VP of Energy & Manufacturing, ColorTokens) opened the day by bringing the IT-OT conversation into focus, showing how flexible deployment, unified visibility, and faster containment can help organizations reduce lateral movement risk across modern environments.
Paula Januszkiewicz (CEO and Founder of CQURE Inc. and CQURE Academy) led three connected sessions on lateral movement, identity abuse, and authentication protocol exploitation. Together, they broke down how attackers move after initial access and why reducing that freedom to move matters so much once a breach is underway.
John Opala’s ( VP IT & Global CISO, Hanesbrands Inc.,) delivered one of the strongest strategic moments of Day 2. His featured session connected OT cyber risk, manufacturing resilience, and board-level accountability, while showing how frameworks such as the Purdue Model and ISA/IEC 62443 can support governance without losing sight of production continuity.
Harish Bangalore (Global Head of Cybersecurity, Life Sciences & Healthcare, HCLTech) brought the partnership angle into focus, showing how HCLTech and ColorTokens are approaching Zero Trust through microsegmentation, cloud-native visibility, and operational alignment across healthcare, manufacturing, energy, and OT environments.
Bob Palmer (Director of Product Marketing, ColorTokens) kept the conversation practical, showing how organizations using CrowdStrike, SentinelOne, or MDE can move faster on microsegmentation without deploying additional agents.
Satyam Tyagi (VP of Product Management, ColorTokens) closed the day with a session on AI-designed microsegmentation, focusing on the risks of general-purpose LLMs in security automation and the need for safer policy refinement before deployment.
Beyond the speaking sessions, Day 2 also brought strong partner and customer engagement around the booth. Conversations continued across demos, one-on-one meetings, and partner interactions, adding another layer to the breach readiness story on the floor.
Taken together, Day 2 established the same thread that continued through Day 3: containment, resilience, and measurable risk reduction across real-world environments.
Day 3 Highlights at Booth #1933
Paula Januszkiewicz, CEO and Founder of CQURE Inc. and CQURE Academy, returned with another packed booth session, continuing her focus on lateral movement, identity abuse, and authentication protocol exploitation. Her sessions remained some of the most technically grounded moments at the booth, drawing close attention from attendees looking at how attackers actually move once they get in.
Alex N. Lawrence, Associate Director of Cybersecurity, Neurealm, brought the healthcare angle into sharper focus. His session broke down how attacks move through healthcare networks and where microsegmentation can help contain that spread before it reaches more sensitive systems and workflows.
AppGate’s session brought another strong thread into the day, connecting north-south access control and east-west microsegmentation in a way that tied directly back to breach containment. It also gave the ColorTokens and AppGate partnership a stronger on-floor presence, especially with the Capture the Flag challenge running alongside the booth activity.
Tech Mahindra added another practical layer to the Day 3 conversation, focusing on how Zero Trust intent becomes actual enforcement. The discussion around architecture, identities, segmentation, and solution tenets added more operational depth to the booth agenda as the day progressed.
Beyond the scheduled sessions, the booth stayed active through live Xshield demonstrations, one-on-one product walkthroughs, partner conversations, and steady attendee engagement around the demo stations. That gave Day 3 a fuller shape, with the product, the partnerships, and the live conversations all reinforcing the same breach readiness message from different angles.
Day 3 also brought strong partner engagement away from the booth, with meetings and conversations that extended the show-floor momentum into more focused discussions.
By Day 4, the themes of the week were already firmly in place. The final day gave them a last, concentrated run through the booth.
Day 4 Wrap-Up at Booth #1933
By the final day, the booth no longer needed to introduce its story. It was already in motion. Gautam Sinha brought IT-OT resilience and measurable containment back into the conversation, while Satyam Tyagi returned to AI-designed microsegmentation and safer policy automation. Around those sessions, the booth stayed active with live demonstrations, product walkthroughs, customer conversations, and partner meetings that gave the week a strong close.
What stood out on Day 4 was not a change in theme, but the consistency of it. The same questions had carried through the week, and they were still the ones drawing people in on the last day. How do you enforce Zero Trust in a way that holds up in real environments. How do you contain blast radius without slowing the business down. How do you reduce risk in a way that is visible, practical, and measurable.
The same logic carried into the CTF, which stayed tightly connected to the rest of the booth rather than sitting off to the side as a separate activity.
The CTF Closes Out at RSAC
ColorTokens hosted its third annual CTF at RSAC 2026, and this year it ran as a joint mission with AppGate.
With the contest active on and around the booth through the week, the CTF became more than a side activity. It reinforced the same containment and layered defense story running through the sessions and demos.
The challenge, Operation Ghost Protocol, began with a breach at AeroStream Utilities. The perimeter had already been bypassed. The adversary was moving toward the ICS cooling systems. The mission was to contain the attack before the damage reached critical infrastructure.
Participants moved across multiple layers of defense. At AppGate’s booth, the challenge began with access control. At ColorTokens Booth #1933, it moved into segmentation, OT visibility, and physical access control. The structure mirrored the kind of layered thinking defenders need once an attacker is already inside the environment.
By the close of the event, the CTF had its winners, and the challenge itself had become one of the clearest examples of how the booth translated breach readiness into something live, interactive, and visible on the floor.
Closing the Week and Looking Ahead to RSAC 2027
By the end of RSAC 2026, our message had carried through every part of the week. Security leaders are being asked to show how risk can be reduced after initial compromise, not just how threats can be stopped at the perimeter.
That is where breach readiness gives organizations a practical way to contain movement, protect critical operations, and reduce impact when it matters most. To see how that could look in your environment, contact us or request a demo.
