Reflections on RSA Conference 2023: OSINT and Beyond

Now a few weeks removed and recovered from the chaos of the RSA Conference, I wanted to share my thoughts on the 2023 event (the bad and the good). As we look ahead to the rest of the year, the event landscape for ShadowDragon includes a variety of trade shows, but none are quite like RSA.

ShadowDragon finds ourselves in an interesting position year over year in the context of events like RSA, which are designed to bring together the best and brightest in cybersecurity. We have been fortunate to consistently expand our partnerships and integrations among the cybersecurity industry, growing to the point where almost any new investigative platform, case management, link analysis, or publicly available information (PAI) platform will benefit from the capabilities offered by ShadowDragon (persistent monitoring, entity/target-centric collection).

All that said, what did we actually take away from being on site at the RSA Conference this year?


downsides of attending RSA Conference risks signal to noise ratio

 “Downsides” of Attending RSA

  • Finding a quiet place to meet (that isn't restricted to the few sponsors of the event) is painful. I would love to see the organizers take a new approach to enabling more free market meetings and dialogue. There are valuable conversations happening at RSA beyond the vendors that pay to fill the expo hall.
  • Personally, I believe the RSA Conference has outgrown San Francisco. For RSA to grow and survive in the future, it needs to move to a new location that is competitive (I have heard 2024 will be the last year in San Francisco, but we will have to wait and see what happens).
  • The ROI is questionable for newcomers when the signal to noise ratio is so high. As a vendor, evaluating the spend to be part of an event like RSA is unnecessarily difficult. Having attended RSA on and off since 1999, RSA can be helpful for integration partnerships but is difficult to justify if you are hoping to net direct-end customers.


RSA conference positives ethics transparency OSINT for Good

Positives of Attending RSA

  • Love it or leave it, the W Hotel remains a winner year over year for the seasoned “old-timers.” In my experience, more business has been done at the W than on the show floor. I look forward to identifying a new haunt if and when RSA relocates.
  • It was refreshing to learn about market research starting to form around the open source intelligence (OSINT) and PAI space that is also tracking the risks and rewards of the supply chain that may or may not be associated with providers in the space.
  • Conversations around more complex topics, like ethics, transparency and supply chain related issues, were met with curiosity and interest. I was happy to share my concerns about the unintended consequences of artificial intelligence (AI) while also listening to the newly discovered benefits many organizations have experienced.

All in all, RSA Conference 2023 was a success for ShadowDragon. We thoroughly enjoyed the in-person connections made, and look forward to bringing #OSINTforGood to more events in the near future.

In the meantime, be sure to download our newest white paper, OSINT Methods To Investigate Suspected AI Generated Content, written by Nico Dekens (Dutch_OSINTGuy).

Daniel Clemens

Daniel Clemens

Daniel Clemens is the founder and CEO of both ShadowDragon and Packet Ninjas, a niche cybersecurity consulting and services company.

With extensive experience in defensive and offensive security, Daniel has been a quiet trailblazer in digital intel-gathering long before cyber intelligence became a discipline. More than a decade ago he was inventing and applying his own intelligence tools in support of companies and governments around the world facing urgent threats. Using this deep understanding of web technologies and the behaviors of cybercriminals, he has enhanced, updated and packaged these tools under ShadowDragon.

Daniel is a member of the Odonata Holdings, Inc.
Scroll to Top