Live from RSAC 2026: ColorTokens on Breach Readiness, Measurable Risk Reduction, and What’s Ahead
RSAC 2026 is here, and for ColorTokens, this year’s focus is “breach readiness for measurable risk reduction.”
From March 23 to 26, at Booth #1933 in the South Expo Hall, Moscone Center, we are meeting with security leaders facing a hard reality. Attacks are moving faster. AI is reducing the effort needed to exploit modern environments. Ransomware continues to pressure operations. OT, IoT, cloud, and hybrid infrastructure have expanded the attack surface far beyond what traditional perimeter thinking was built to handle.
The question is no longer whether every breach can be prevented. The question is how quickly it can be contained, how far it can spread, and how much operational and financial damage can be reduced before the business feels it.
That is what we are here to show at RSAC 2026.
Our focus is how organizations can reduce risk in real time through fast, frictionless Zero Trust microsegmentation, AI-assisted policy definition, and practical containment that stops lateral movement before disruption spreads.
Breach Readiness for Measurable Risk Reduction
At the booth, visitors will see how our approach works in practice. There will be live demos of the Xshield Enterprise Microsegmentation PlatformTM, direct conversations with experts across security and product leadership, and one-on-one discussions around architecture, priorities, and risk.
The focus throughout is on outcomes that matter: reducing mean time to contain, isolating compromised systems quickly, shrinking the attack surface, and making Zero Trust enforcement achievable without adding unnecessary friction.
Rajesh Khazanchi on Breach Readiness in the Age of AI
One of the clearest expressions of this year’s theme comes from Rajesh Khazanchi, CEO and Co-Founder of ColorTokens, in his interview from RSAC 2026 with CyberRisk TV on March 24.
Rajesh focuses on a shift security leaders are now confronting directly. AI has accelerated intrusion cycles and reduced the effort needed to exploit modern environments. That changes the speed and pressure of incident response, but it also changes the real question organizations need to answer. Once initial access happens, how far can an attacker move, and what is in place to stop that movement before it affects operations?
That is where breach readiness becomes operational.
In the interview, Rajesh points to a persistent gap. Many organizations have invested in visibility and detection, but still lack the ability to quantify exploitability, restrict lateral movement in real time, or isolate compromised systems without creating business disruption. That gap is where measurable business risk sits.
He also explains how microsegmentation changes the outcome of an attack by limiting east-west movement, protecting critical systems, and helping organizations maintain continuity during an incident.
Sessions to Watch at Booth #1933
The booth agenda this year is grounded in the issues security leaders are actively working through: OT cyber risk, ransomware, healthcare segmentation, policy automation, identity abuse, authentication protocol exploitation, and the challenge of turning Zero Trust intent into consistent enforcement.
Exclusive session by John Opala, VP IT & Global CISO, Hanesbrands Inc.
From Plant Floor to Boardroom: Governing OT Cyber Risk in Modern Manufacturing
South Theatre Briefing Center, Moscone Center Tuesday, March 24 | 12:10 PM to 12:30 PM PDT
As manufacturing environments continue to connect IT and OT more tightly, cyber risk now reaches production continuity and board-level accountability. This session looks at how frameworks such as the Purdue Model and ISA/IEC 62443 can support governance while segmentation reduces blast radius without disrupting production.
Paula Januszkiewicz, CEO and Founder of CQURE Inc. and CQURE Academy
Paula’s sessions focus on the mechanics of attack movement and identity exploitation.
Lateral Movement in Action: Techniques and Prevention Strategies breaks down how attackers move after initial access and what defenders need to see in order to detect and contain that movement.
Identity Under Attack: Exploiting Infrastructure Misconfigurations examines how weaknesses across Active Directory, cloud, and hybrid environments create openings for privilege escalation and spread.
Breaking the Trust Boundary: Securing Authentication Protocols Against Exploitation looks at how protocols such as NTLM and Kerberos are abused in real-world environments and how defenders can reduce that exposure.
These sessions bring the attacker’s path into sharp focus. They also tie directly back to the wider breach readiness story at the booth, because once identity is abused and movement begins, containment becomes the difference between a contained incident and a disruptive one.
Zero Trust Microsegmentation for Digital Resilience
By Harish Bangalore, Global Head of Cybersecurity, Life Sciences & Healthcare, HCLTech
This session looks at how HCLTech and ColorTokens apply Zero Trust through microsegmentation, cloud-native visibility, and automated compliance mapping. The focus spans healthcare, manufacturing, energy, and OT environments where reducing attack surface and protecting critical workloads is an immediate need.
Fast and Frictionless Microsegmentation Leveraging Your Existing EDR Implementation
By Bob Palmer, Director of Product Marketing, ColorTokens
This session focuses on speed to value. Bob Palmer will show how organizations using CrowdStrike, SentinelOne, or MDE can activate microsegmentation quickly without deploying additional agents, giving teams a faster path to visibility and Zero Trust protection against lateral movement.
Zero Trust in the Squared Circle: AppGate + ColorTokens Tag Team Defense
By Corey O’Connor, Vice President, Product Marketing, and Richard Miller, Sales Engineer, AppGate
This session looks at a combined approach to defense. AppGate addresses north-south threats through identity-centric access control, while ColorTokens addresses east-west movement through adaptive microsegmentation. Together, the session shows why both directions of traffic need protection if organizations want to reduce blast radius in a meaningful way.
Stop Trusting “Vanilla” LLMs: AI-Designed Microsegmentation That Won’t Break Your Business
By Satyam Tyagi, VP of Product Management, ColorTokens
As teams look at AI for policy automation, the question is whether those policies can be generated safely. Satyam Tyagi’s session examines the risk of using general-purpose LLMs in security automation and explains how Xshield Autonomous Policy applies a Propose, Simulate, and Fix refinement loop before deployment.
Unified Microsegmentation Fabric: Turning Zero Trust Intent into Consistent, Scalable Enforcement
By Sanjeev Mehrotra, Deepak Nawani, and Peeyush Khare, Tech Mahindra
This session addresses one of the most common Zero Trust challenges: turning intent into action across large, mixed environments. The discussion focuses on identity-driven policy, a unified policy fabric, real-time visibility, and scalable enforcement that supports continuous containment.
Microsegmentation for Healthcare
By Alex N. Lawrence, Associate Director of Cybersecurity, Neurealm
Healthcare remains one of the most pressured environments in cybersecurity. This session looks at how microsegmentation can protect ePHI and contain breaches across clinical systems, administrative workloads, vendors, IoMT, and hybrid cloud infrastructure.
‘Capture the Flag’ Returns to RSAC
ColorTokens is hosting its third annual CTF at RSAC 2026 Conference, and this year it becomes a joint mission with AppGate.
The challenge, Operation Ghost Protocol, begins with a breach at AeroStream Utilities. The perimeter has already been bypassed. The adversary is moving toward the ICS cooling systems. The mission is to contain the attack before the damage reaches critical infrastructure.
The challenge runs from Tuesday, March 24 at 10:00 AM through Wednesday, March 25 at 11:59 PM.
Participants will move across multiple layers of defense. At AppGate’s booth, the challenge starts with access control. At ColorTokens Booth #1933, it moves into segmentation, OT visibility, and physical access control. The structure mirrors the kind of layered thinking defenders need once an attacker is already inside the environment. If you want to participate, register here.
Follow This Page for Live RSAC 2026 Updates
This page will continue to evolve through the week with updates from the booth, session highlights, key moments, conversations, and takeaways from RSAC 2026.
If you are at the conference, stop by Booth #1933. If you are following from outside the event, keep checking back here for live updates from the floor.
The post Live from RSAC 2026: ColorTokens on Breach Readiness, Measurable Risk Reduction, and What’s Ahead appeared first on ColorTokens.
*** This is a Security Bloggers Network syndicated blog from ColorTokens authored by Tanuj Mitra. Read the original post at: https://colortokens.com/blogs/rsac-2026-updates-breach-readiness-microsegmentation/
