There it was - May 6, 2024. I was pacing in my hotel room in San Francisco, presenting to the mirror, wall, and window overlooking the noisy street a few more times before I headed to the Moscone Center to meet my team. I was getting ready for (probably) the biggest three-minute presentation of my career.
As I made my way down to the Moscone Center, I passed a few folks I knew from the cyber industry and said hello without really thinking how I knew them. Then, I suddenly realized this was probably the 15th time I had been to RSAC Conference - but no other RSAC Conference had been like this one.
Sure, being an Innovation Sandbox finalist came with some pressure, but there was really no bigger stage for me to deliver this presentation for VulnCheck.
I was as ready as I ever was going to be, yet I had no idea what the day or the year would hold for myself or VulnCheck. Let’s just say I didn’t think about just HOW much this opportunity would help VulnCheck accelerate into triple digit growth for FY 2024.
The Presentation and What it Did for VulnCheck
Well, I presented first. I went for it and the story I told somehow resonated, despite my not remembering 100% of my talk. At least the part I left out, only I knew I left out. As far as anyone else knew, I nailed it. It helped that my CEO told me that making it to the dance was a win. But when you’re there, you WANT to win it all. (Spoiler alert: We didn’t - Reality Defender took home the trophy.)
There’s so much more I could write about in terms of my experience leading up to, during, and after last year’s RSAC ISB competition. However, I’m going to backtrack a little to provide readers with a perspective on exactly how much of an unlock ISB was and is for VulnCheck.
First, when RSAC’s press release went live on April 2, 2024, VulnCheck had already been seeing steady month-over-month growth in website traffic, as the initial inbound motions were working well.
However, we saw a 12X spike on April 2 in organic traffic in the VulnCheck domain. Traffic made up of highly qualified buyers immediately requesting demos, trials, and registering for our Community, which was even more significant after the announcement and the outbound promotion.
Contestants get a 90-minute demo opportunity at an ISB kiosk as a finalist in between the presentations and the winner’s announcement. After I presented and we had time to demo our exploit intelligence solutions to those in attendance at the competition, ) we realized we were engaging with qualified buyers.
These demos led to some of the best and most direct discussions about the problem we solve and how we compare against the market. Some discussions were with investors and partners as well, but mostly buyers, which helped us drive over $1M in the opportunity pipeline within just a few weeks of post-competition.
The third by-product of the competition was that even in inbound inquiries, either through the web, LinkedIn or advertising/ABM efforts, prospects specifically mentioned Innovation Sandbox coming into our funnel, so we gained quantitative and qualitative results.
Awareness Drives Results. Innovation Sandbox Opens Doors. And VulnCheck Hit a Triple.
Due to the competitiveness of RSAC Innovation Sandbox, it’s not easy to make the Top 10 in order to participate. I’ve applied in the past and not made it, and knowing the volume of submissions the RSAC team has to review and evaluate, it’s hard to know what will materialize and how.
But once you make the cut for the Top 10, things start to change. The industry looks at your brand in an entirely different way. For example, my colleague Jay Wallace, who runs the sales organization at VulnCheck, did the Cyber GTM Talk podcast. I was interviewed on The Cyber Bytes Podcast and on TechStrong TV. VulnCheck was also mentioned in countless articles based on our achievement.
So, the awareness machine was in full swing. Being an exploit intelligence company, we release a significant amount of research, analysis, and key insights. This comes from our massive-scale data set, where we maintain over 400M records on ALL CVEs. The research features zero-days’, trending insights on our data vs other sources, and anything helpful we can contribute to the cyber community.
This, paired with Innovation Sandbox, both validating our brand and what we do at VulnCheck, sky-rocketed awareness and recognition to new heights. For example, our LinkedIn presence escalated close to 700% last year, as we made sure the LinkedIn world knew we’d be in the competition.
By the time another major cyber conference rolled around in August, we were in full swing. We hosted our first-ever Security Wasteland-branded party at the Atomic Testing Museum. We had eight sponsors for this party, 800 people registered, and more than half of those registered actually showed up! All more established brands with bigger budgets and bigger teams. People trusted us. We were on our way to establishing a highly reputable brand and Innovation Sandbox just accelerated that process.
As a venture-backed firm, we saw an enormous uptick in investor interest after it was announced that VulnCheck was a finalist. And post-competition, we were in a solid position for our next raise with 40+ net-new investor meetings on the books for 2H!
So, when the industry knows who you are, and your brand and company are validated by the single most important event for emerging companies in cyber - in addition to the things you are already doing - Innovation Sandbox is that force multiplier.
Ultimately, 2024 was a momentous year for VulnCheck. We tripled our ARR YoY from 2023 to 2024, saw 158% customer growth and we retained 100% of our installed base. Notably, we closed over five customers from the $1M in pipe that Innovation Sandbox gave us.
This competition was a big part of helping accelerate our path of growing and “playing bigger,” and we’re looking forward to connecting with all Innovation Sandbox winners and participants this year at the gala RSAC 2025 Conference is hosting!