Dr. Amit Elazari, CEO and co-founder of Open Policy, joins theCUBE’s Jackie McGuire and John Furrier at the RSAC 2025 Conference to explore how generative AI is reshaping access to policy intelligence. The conversation examines how Open Policy helps companies, from startups to unicorns, adapt to evolving security and regulatory demands.
Drawing on her background as Intel’s former head of cyber policy, Elazari shares insights into the cultural shift toward democratized policy control. The discussion highlights how Open Policy enables product teams to engage directly with compliance strategy using scalable, AI-driven tools.
By aligning innovation with regulation, Elazari says companies can move faster without sacrificing accountability. This new model empowers a broader range of voices to shape policy in a collaborative, tech-native ecosystem.
Forgot Password
Almost there!
We just sent you a verification email. Please verify your account to gain access to
RSAC Conference 2025. If you don’t think you received an email check your
spam folder.
In order to sign in, enter the email address you used to registered for the event. Once completed, you will receive an email with a verification link. Open this link to automatically sign into the site.
Register For RSAC Conference 2025
Please fill out the information below. You will recieve an email with a verification link confirming your registration. Click the link to automatically sign into the site.
You’re almost there!
We just sent you a verification email. Please click the verification button in the email. Once your email address is verified, you will have full access to all event content for RSAC Conference 2025.
I want my badge and interests to be visible to all attendees.
Checking this box will display your presense on the attendees list, view your profile and allow other attendees to contact you via 1-1 chat. Read the Privacy Policy. At any time, you can choose to disable this preference.
Select your Interests!
add
Upload your photo
Uploading..
OR
Connect via Twitter
Connect via Linkedin
EDIT PASSWORD
Share
Forgot Password
Almost there!
We just sent you a verification email. Please verify your account to gain access to
RSAC Conference 2025. If you don’t think you received an email check your
spam folder.
In order to sign in, enter the email address you used to registered for the event. Once completed, you will receive an email with a verification link. Open this link to automatically sign into the site.
Sign in to gain access to RSAC Conference 2025
Please sign in with LinkedIn to continue to RSAC Conference 2025. Signing in with LinkedIn ensures a professional environment.
Are you sure you want to remove access rights for this user?
Details
Manage Access
email address
Community Invitation
Dr. Amit Elazari, OpenPolicy
Join us in this insightful session with Dr. Amit Elazari of OpenPolicy as we delve into a transformative era in the security industry at the RSA Conference 2025. The session, hosted by the co-founder and Co-CEO of SiliconANGLE Media, and the principal analyst at theCUBE Research, explores the democratization of policy access in today's tech-driven world.
Dr. Elazari brings a wealth of expertise from their role as the former head of cyber policy at Intel. The discussion focuses on how OpenPolicy scales policy intelligence to make it accessible for companies of all sizes, such as startups and large unicorns. Hosts from theCUBE highlight a cultural shift in policy control and the increasing influence of tech-native individuals in industry changes.
Key takeaways include Dr. Elazari’s emphasis on the platform's ability to leverage generative AI for engaging in policy intelligence. This assists companies in aligning their product strategies with emerging regulations and standards. According to analysts from theCUBE, this approach facilitates innovation and enriches the community by fostering collaboration between startups and large entities on policy influence and adoption.
Dr. Amit Elazari, CEO and co-founder of Open Policy, joins theCUBE’s Jackie McGuire and John Furrier at the RSAC 2025 Conference to explore how generative AI is reshaping access to policy intelligence. The conversation examines how Open Policy helps companies, from startups to unicorns, adapt to evolving security and regulatory demands.
Drawing on her background as Intel’s former head of cyber policy, Elazari shares insights into the cultural shift toward democratized policy control. The discussion highlights how Open Policy enables product teams to en...Read more
exploreKeep Exploring
What is the role of generative AI in scaling access to policy intelligence, policy go-to-market, and policy engagement within the cybersecurity industry?add
What are some ways to streamline government affairs tasks and processes within organizations?add
What advancements and growth has your company seen in the last year, particularly in terms of releasing new features and expanding into federal procurement?add
What is the impact and significance of OpenPolicy as a platform for democratizing democracy and shaping policies?add
>> Welcome back everyone to theCUBE's live coverage here in San Francisco. I'm John Furrier with Jackie McGuire, we're the hosts of theCUBE. Dave Vellante, John Olson, our entire team is here. Day four, things are winding down, real big change in security industry. Again, security is touching many, many things in the industry. All sectors, including government, including the lawmakers, policy is big. Dr. Amit Elazari here, Co-Founder and CEO of OpenPolicy Company, we've had on theCUBE. Amit, great to see you again, coming back on theCUBE. Love your mission. We co-sponsored with the NYSE Wired community, your event Monday night kicking off the show. Good to see you, thanks for coming on.>> Absolutely. I'm excited to be here again.>> Jackie and I were talking on our kickoff today, which was kind of our summary of the show, and one of the things she said that I loved was the humanization of the culture shift, which brings in your mission, democratizing policy, which was once a cottage industry for the rich. Policy control, the big tech, I remember the early days of Google when they had one policy and then they had a department of 50, and the lawmakers were lawyers, not tech people. So now you have tech is now everywhere, this new generation, people are tech native. So there's a mindset shift in the industry, we're here to show where it's top of mind with cultural change. You got tech nerds, business people, military people, all kind of converging, it's one community.>> Right, right. No, it's an amazing time to be here. I mean, I think last year we were just kicking off our platform, first release of the product. We are here again with a very strong customer base to include Wiz and Armies and Census and Zenity and many of the customers that are presenting here on the floor. But what's most exciting is just we are seeing the recognition of this community on the importance of policy. So just to quickly recap, I'm formerly the head of cyber policy at Intel, I come from big tech policy. Around May '23, I recognized this need to be able to democratize access to policy expertise. So if you think about it, all the largest organizations in the world, they have government affairs experts, including in the cybersecurity companies, and those folks can see where policy is going and they help the product team, the marketing team, the compliance team to be ahead of the curve and seize opportunities. And this expertise is scarce. We're talking about hundreds of people. So with generative AI, with our platform, we are actually able to bring to companies of all sizes, and we have customers from seed-level startups, all the way to big unicorns, being able to connect them to policy,>> Talk about the platform, because I think this is innovative. Right? It's not just you're hiring labor and people, you're tapping in a platform, that's the key to what you're doing. Explain that piece, it's super important.>> That's a critical point, John. So our platform really scales access to policy intelligence, policy base go-to-market, and engagement, which is really the process of influencing policy. And so for the longest time before generative AI, we had these professions like the policy experts in cybersecurity, like the lobbyists, like the lawyers, and they have really important expertise that is in demand. Right? And so now with generative AI, we're able to really scrape and look at all the policies, we're also able to prioritize the policies that are coming out. So this is new regulations, new standards, right? New things that their buyers care about, the CISOs, the chief AI officers. They're thinking about the EUA Act, they're thinking about DORA, and we're able to take all of that, contextualize this for our customers, but also take the next step. Prioritize what you should be talking about, produce that content, produce that connectivity to product. And for me, the most exciting piece is actually from the coalitions of these companies, unicorns and startups, and bring them together so they actually can engage in policy.
Jackie McGuire
>> That's important, I think, because many people don't know that before in the US, before a rule is enforced, before a policy is made, there are usually opportunities to get involved, right? There are usually open comment periods and a lot of smaller vendors just don't have the capability or the awareness to influence that. And so I think that's really important, because we were talking yesterday about if we're going to have the private sector needs to step in because we have less government regulation and policy. The private sector can't just be the mega scalers that are going to set policy that is self-serving, right? We need SMBs in there with a better voice to advocate for themselves as well.>> Yeah, I mean, I think the industry leaders and amazing organizations like Google and Microsoft and others, they're really investing in public policy and they're doing great work. But the importance of having innovative access to that is because we see a lot of the cutting edge work on the attack surface and the protection is being done at that startup layer. So let's just take one example. Agentic risk, right? This is a whole new category of threats and protection, and a lot of that innovation is happening with series B with growth and startups. So by connecting those startups to policy, we're doing two things. We're allowing the startups and unicorns to be ahead of the curve. They're working with their buyers and they want to know their buyers' problems, and about 50% of the buyer problem is actually policy. We cannot wait for the CISO to come and say, "Hey, I care about the policy because we need to design the product and the marketing to fit that." So we are helping there, and that helps with what we call policy to revenue connection. But the flip side of it is that we are also helping democracy and we're helping policymakers to be more informed about what's going on and what are the cutting edge solutions, working hand in hand with the big players
Jackie McGuire
>> Instead of lawmakers who've never touched a terminal or triaged a SOC alert. Yeah, you had mentioned DORA, are there other examples you can give of policies that you've helped customers be ready for or be prepared for or influence?>> Oh, yeah, absolutely. So at any given time, we have about what we call 400 top insights, and that's just for cybersecurity, things that are coming in. Because one of the biggest challenges in policy, it's not just be aware of the top line items, so what's top of mind in Europe, what's top of mind in the US, but also connector technology. So if I'm a post quantum migration company, I might not be aware that I'm actually selling for a zero trust narrative that this federal buyer or this CISO cares about. So, all of those elements we work with, and you can see online, we submit about five to 10 comments a month, so we are very active. Witnessed with the White House, with Congress, and we are very fortunate to be cited and impactful there, but this is all possible due to our amazing community.>> One of the themes here is many voices, one community.>> Absolutely.>> That's the theme of RSA. What you're getting at is so powerful because the startups are busy, they want to get product market fit, they want to solve the security problems. And so the themes we hear, I mean, is like, "I don't have time. I'm too busy trying to make money." And so the trend of impact, you mentioned democracy, is now merging with capitalism.>> Right, right.>> And so the voices of startups, probably the most compelling maybe some would say, I think so, they just don't have time. So how do you make time? Open policy.>> Yeah, I mean->> It's huge.... >> we are really proud to be able to help both sophisticated organizations. I mean, all organizations are sophisticated, but I mean those that have government affairs expertise, but really, the majority of our customer base, they don't have in-house government affairs. And so we actually help marketing, product, CROs, obviously federal, to connect those dots. And this is really about not just scaling processes that for me at Intel used to take a lot of time tracking all the policy writing comments, but also being able to deploy AI and agentic security to embed that policy expertise into the model.>> Better product outcome. I mean, I have to ask the question, how does it work? People are going to be interested, obviously it's a great... You know how I feel about open policy, I love it. I'm biased, obviously. The impact, people are going to love this. So you got the kind of, I won't say philanthropy angle, but people want to see change, they want the best, best input. Okay, as Jackie pointed out with the comments. How does it work? People are going to want to know, how do I get involved? Is it a service? Who pays?
Jackie McGuire
>> What's the experience?>> Because I'm a startup, what do I do? What's the vibe?>> Yeah, well, we really evolved in the last year. I mean, if you think of just our growth in one year in the, just as RSA, the features that we are releasing, also new features in the area of what we call capture, which is more federal procurement. So not just influence and awareness, but really getting those contracts. So we are a platform play. Obviously, if you think about our category, we were in this new emerging agentic, what the VCs call getting on the services elephant. So we are training models with the expertise of the service providers to policy people, but it's very seamless. Once we onboard a company, we understand all their product literature. We work with them to understand, what's their demand, where they're selling, what's their product? Then we actually train models. We constantly scrape all the new policies and we connect the dots, prioritize for them what they should be talking about from a marketing perspective, what they should even be considering to implement to the product, because I think one of the most exciting revolutions we've seen here at RSA is compliance and policy as code. Most of the companies, even seed level, are bringing compliance and frameworks into the platform. So if you think about hours and months you're spending into weeks and months you're spending into putting something into production, you got to be accurate. So folks come to us, we have a platform, we make it really easy to just set up all your compliance narrative, but also be on top of the conversation of what's coming next. And we also support the influence part, because they don't have expertise. So really, we really help them understand what's the strategy as well as kind of a system in making that impact, and that's where the coalitions come in, because in order to be working with government as a voice of expertise, you have to have an ecosystem.>> So the benefit to the startup or customer is, okay, I have a market I'm just starting to go to market with, is you're on the product led growth side too. So I can see this as saying, "Hey, I care about product led growth. I care about my customers, because they're going to buy the product." So there's a product angle, I like that connective tissue, you called it connectivity to the product?>> Yeah. So what we find a little bit, this is an amazing journey because when we started this, we were thinking, who is our buyer? Because in the largest organizations in the world, government affairs serves the executives, they work with product strategically. They work maybe with marketing, they obviously work with the federal public sector leads. They're influencing the entire direction of business opportunities by working on policy. And so we were wondering kind of, who's our buyer? And it turns out, our traditional buyer now, if there is no government affairs and there is no public sector, these are very clear. If you're selling security in public sector, I hope you reach out to us because we can really help. As CMOs and CROs, why? CMO, if this is a security product, you have to understand your ICP. Why are they buying because of compliance? And when they meet us, they sometimes don't even know, what are the top 10 policies and regulations for jurisdictions that are selling their product? And so we solve all that problem, but we also constantly monitor for new opportunities. For the CMOs, it's about thought leadership, it's about lead generation, it's about creating a compelling story. For the CRO, that's where we help with sales, sales talking points, sales narrative. And it's exciting, we're starting to work on integrations there. And in a world where everybody's bombarded with messaging, turns out, policy is a differentiator because your buyer cares about policy. So, it's been an exciting time for us to see that stickiness across the organization.>> I love when things just evolve. And one of the trends that's coming out of RSA, we were riffing on this yesterday, is that it's also people getting together. It's very communal, because it's a community, right? So people pick a project, they throw some AI at it and they collaborate. Maybe it's a low-hanging fruit use case, solves some identity problems or whatever happening. But what happens next is, some serendipity happens. They realize, wow, I can do things faster. That is actually a breakthrough. This is what's happening. And the humans are energized by this.>> I mean for us, we feel like we started just in time because we were a little bit ahead of the, what we call that services elephant movement that services the software. And so we ran into the market, got customers, got some fantastic angels and investors, and really were able to meet this moment that we have right in time. So, we created a very flexible architecture.>> Explain the services elephant concept, because people might not know what that means. So explain what that is.
Jackie McGuire
>> Yeah. Well, I think what's interesting is now we are seeing it in security with the AI SOC movement, right? So a lot of startups that are starting to not just automate vulnerability remediation, but are really looking at the security expertise. Think about someone that is managing a SOC and trying to put that in AI. Similar in the world of services, we know there are billions of dollars that are being paid to people with very unique expertise. And so in my role, like policy, the people that really know how to influence regulations or look at policies and propose policies and predict market demand, it's a very small profession. It's about like 500 people that practice this in big tech, just because traditionally that's where you would have government affairs and policy experts dedicated to cyber, dedicated to AI. So when we think about the services elephant, this is about this new movement to take AI agents to areas where traditionally you had scarce human expertise, and bring that expertise to the model to democratize. Now, we do a lot with AI that is just about gathering information. Obviously policy, there are many things that are happening of the type, prioritization, but really, our top workflows are in that area where we encode the policy expert in the loop. And it's phenomenal to take a world where you maybe had 100 companies in security with access to that expertise with in-house government affairs for cyber policy, and now we are able to scale that to, again, a whole universe of company. And we have shown with OpenPolicy that you can have stealth startups investing in this, all the way to the largest organizations in the world.
Jackie McGuire
>> That's amazing.>> That's awesome. What's the most exciting thing that's happened to you this week, besides the party with theCUBE and NYSE Wired? Bur I mean, in general, what's been->> That was the most exciting. I mean->> Of course. Besides that, because we were there. I mean, what are you seeing? What's the cool thing you're seeing here ?>> I mean, I would say just in the last month we onboarded about four more customers. So we have seen just tremendous growth. But here at RSA, we've been, I'm not going to name-drop the companies, but we had meetings with very, very large organizations and small, and we just see the demand. We go in and people are just, yesterday I heard, "Where have you been? This is exactly what I need." And we heard another very large company, probably one of your biggest sponsors saying here, "Yeah, I mean, I see how much thought goes to the platform."
So for me as a founder and my co-founder, David Uzan and the team, just coming here and seeing that we have actually created something that is impactful, that has product-market fit, that is changing the lives and revenue and opportunities for our customers and hearing from them, that has been exciting. And I would say, I mean, there is something very special about OpenPolicy, because in the end, we are democratizing democracy. We're taking a very powerful profession, which is this whole world of access to policy, being able to shape policies, what sometimes people call regulatory capture, which is not my favorite term, but this is sometimes how it's referred. And we're bringing it back to the masses. And I think we have seen in the last year, a recognition in Silicon Valley that DC matters, and we have seen unprecedented time of change and unprecedented uncertainty. And so we're excited to be able to help with that. And I think from an opportunity to sell to the government, we are moving to software first, and there has never been more need for cybersecurity solutions. So, I'm excited about that.>> Well, thanks for coming on, theCUBE. We love transparency, we love access. When you have access open and transparency, magic happens.>> Absolutely.>> Thank you for coming on and sharing. Congratulations. I love the name, OpenPolicy, just the name open.>> Thank you.>> Open, you had me at open.>> Thank you.>> Thanks for coming on. Appreciate it.>> It's an honor to be here.>> Okay. I'm John Furrier, Jackie McGuire, here at theCUBE, bringing all the action. We're open, bringing all the data to you here on theCUBE. Thanks for watching.
Jackie McGuire