Reflections from RSA on innovation, proof, and the shift that's happening right now
I'm writing this from San Francisco during RSA Conference week.
This morning, 7AI was named to Fast Company's Most Innovative Companies list for 2026, ranked #6 in Security. Making this announcement here, in the middle of RSA Conference surrounded by thousands of security professionals grappling with the same questions made me want to reflect on what this recognition actually means.
Because the award isn't really about us. It's about the customers who made it possible.
Over the past year, security teams at some of the largest, most complex organizations on the planet took a bet. They didn't just buy software. They trusted a fundamentally different way of operating. More than 5 million security investigations later, we've earned the right to say something that matters more than any accolade: the question has changed.
A year ago, every conversation started the same way: "Does AI actually work in security operations?"
Today, that question is settled. What I'm hearing from CISOs this week is different: "How quickly can we operationalize AI in our SOC? How do we transition from humans doing all the execution to becoming orchestrators who work alongside AI agents?"
This shift happened faster than I expected. And it's not because vendors got better at demos. It's because expectations changed.
Our threat research team has published two significant reports in the past two weeks.
The first documented a nation-state wiper attack on Stryker, a medical device manufacturer. Iranian-backed actors compromised Intune admin accounts and pushed destructive policies at scale. Our AI agents were hunting across customer environments within hours of the first indicators.
The second exposed an active malware campaign we called "Claude Fraud," targeting developers searching for AI tools. The attackers created fake Claude-branded pages that delivered infostealers through Google ads and trojanized VS Code extensions. They're not just attacking with AI. They're attacking the people who build AI.
These aren't theoretical threats. These are live campaigns hitting production environments. And they share something in common: they operate at a speed and scale that traditional security operations cannot match.
I've been in security for over two decades. I've seen hype cycles come and go. I know what vendor hand-waving looks like.
This is different.
We're recording new episodes of our podcast, Do Human Work, this week at RSA. The CISOs we're talking to aren't asking about features. They're describing a change they're feeling from the adversary side. When attackers can weaponize AI to make their attacks work at machine speed and scale, there's no version of the old way that keeps up.
That's not me making a prediction. That's what we're hearing and seeing at this event.
Walk the RSA show floor and you'll hear "AI agents" from a hundred booths. It would be easy to point out that very few of those vendors have enterprise-ready solutions running in production at Fortune 500 companies. It would be easy to call out the gap between demo and reality.
But that's not the point.
The point is that this is a defining moment for our industry. Not because of what vendors claim, but because of what security teams need. The organizations that figure out how to operationalize AI in their SOC, whether through their internal team or a managed service, will have a fundamentally different security posture than those who don't.
That's what innovation actually looks like right now. Not a feature. Not a product. A transition.
I want to be direct about something: this recognition belongs to the security leaders who took a chance on a different approach.
To the CISOs who gave us access to their environments when our company was less than a year old. To the analysts who challenged our agents and pushed us to get better.
5 million investigations. 7 days to deploy. Those numbers exist because customers believed in what we were building before we had the proof to show them.
Now we have the proof. And this Fast Company recognition is theirs as much as it is ours.
If you're at RSA this week, the energy is unmistakable. There's a sense that something is shifting. The conversations are more urgent. The questions are more specific.
This isn't just about 7AI being recognized. It's about an industry reaching an inflection point.
The organizations that move decisively now will be in a fundamentally different position than those who wait.