In this interview from RSAC 2026, Bipul Sinha, chief executive officer of Rubrik, joins theCUBE's Dave Vellante and Christophe Bertrand to discuss how the rise of agentic AI is creating an entirely new category of cyber risk that legacy security architectures cannot address. Sinha traces Rubrik's journey from backup disruptor to cyber resilience leader, explaining why a purpose-built platform for fast recovery gave it a decisive edge when ransomware surged at scale. He details the launch of Sage, a semantic AI governance engine built on a fine-tuned small language model that judges agentic actions in real time — dynamically stopping compromised or non-compliant behavior before damage occurs.
The conversation also explores why organizations cannot wait for perfect data hygiene before deploying agents, and how layered defenses — from just-in-time identity provisioning to runtime guardrails and agent action rollback — create the confidence enterprises need to move forward. Sinha highlights Rubrik's 90% competitive win rate, driven by capabilities such as prioritized tiered recovery and autonomous recovery that restore mission-critical operations in hours rather than weeks. He unpacks an emerging business model in which AI completes work autonomously rather than merely assisting humans, arguing that governance is the prerequisite for unlocking that value. The discussion also touches on the regulatory balance required in nascent markets, where premature rules risk stifling innovation while the absence of guardrails invites unintended consequences. From building the guardian AI that makes agentic deployments trustworthy to ensuring hospitals, banks and critical infrastructure stay operational under attack, Sinha outlines why cyber resilience remains the foundation of the AI era.
Forgot Password
Almost there!
We just sent you a verification email. Please verify your account to gain access to
RSAC 2026 Conference. If you don’t think you received an email check your
spam folder.
In order to sign in, enter the email address you used to registered for the event. Once completed, you will receive an email with a verification link. Open the link to automatically sign into the site.
Register for RSAC 2026 Conference
Please fill out the information below. You will receive an email with a verification link confirming your registration. Click the link to automatically sign into the site.
You’re almost there!
We just sent you a verification email. Please click the verification button in the email. Once your email address is verified, you will have full access to all event content for RSAC 2026 Conference.
I want my badge and interests to be visible to all attendees.
Checking this box will display your presense on the attendees list, view your profile and allow other attendees to contact you via 1-1 chat. Read the Privacy Policy. At any time, you can choose to disable this preference.
Select your Interests!
add
Upload your photo
Uploading..
OR
Connect via Twitter
Connect via Linkedin
EDIT PASSWORD
Share
Forgot Password
Almost there!
We just sent you a verification email. Please verify your account to gain access to
RSAC 2026 Conference. If you don’t think you received an email check your
spam folder.
In order to sign in, enter the email address you used to registered for the event. Once completed, you will receive an email with a verification link. Open the link to automatically sign into the site.
Sign in to gain access to RSAC 2026 Conference
Please sign in with LinkedIn to continue to RSAC 2026 Conference. Signing in with LinkedIn ensures a professional environment.
In this interview from RSAC 2026, Bipul Sinha, chief executive officer of Rubrik, joins theCUBE's Dave Vellante and Christophe Bertrand to discuss how the rise of agentic AI is creating an entirely new category of cyber risk that legacy security architectures cannot address. Sinha traces Rubrik's journey from backup disruptor to cyber resilience leader, explaining why a purpose-built platform for fast recovery gave it a decisive edge when ransomware surged at scale. He details the launch of Sage, a semantic AI governance engine built on a fine-tuned small lan...Read more
exploreKeep Exploring
How did your company come to focus on cyber resilience — was that a technology pivot or a repositioning, and how did you anticipate and time that move relative to market demand?add
What must organizations do to get their data, access controls, and runtime safeguards in order to safely adopt AI (including handling agent identities, runtime guardrails, and the ability to undo bad agent actions)?add
What are the implications of OpenClaw for governance, business opportunity and risk, and how should organizations use AI to understand and control agentic intent?add
What differentiates Rubrik's data platform—particularly its cyber recovery capabilities—from other vendors' solutions?add
How does Rubrik's autonomous and intelligent recovery prioritize and perform recoveries (for example in large M365 environments) to meet recovery time objectives and ensure business continuity?add
>> And we're back in San Francisco. We're here at RSAC 2026. You're watching theCUBE's live coverage. My name is Dave Vellante. I'm here with Christophe Bertrand. Jon Oltsik is also here. He'll be joining us later on. He's out doing his reporter notebook. He's going to come back and tell us what he's seen on the show floor, but we're really excited to have Bipul Sinha here. He's the CEO of Rubrik, good friend of theCUBE. Great to see you again.
Bipul Sinha
>> Dave, pleasure.
Dave Vellante
>> My business friend, Jeremy Burton, I don't know if you know Jeremy.
Bipul Sinha
>> I know him well.
Dave Vellante
>> He said something to me years ago. He said, "Don't fight fashion." And I look at the way you've positioned Rubrik as a cyber resilience platform and now you're sort of moving into AI operations. Very fashionable. You've been right a lot. What led you to these decisions?
Bipul Sinha
>> I always say to my team that we should always be in love with the market, not with the technology. Because what happens is the market knows what market needs and market is always changing. When we started Rubrik, everybody was doing mobile, social, local, Uber, but we identified backup and recovery as a market that needed disruption and innovation. And we built our product and the company started on that basis, but the biggest disaster was cyber disaster, not human error or natural disaster. So we built our platform purpose built for cyber recovery, cyber resilience. And if you look at the world today, the world is going through AI transformation. The old paradigm of cybersecurity is dead, because it was built for human and human operator and human attacks. So world needs an AI governance engine, world need an AI security and compliance platform. And that's what we are delivering so that our customers can deploy agents with confidence.
Dave Vellante
>> So the pivot to cyber resilience wasn't actually a technology pivot. It was maybe a positioning change. Is that right? You were always built for that?
Bipul Sinha
>> We were always built for cyber resilience. In fact, in 2016, 2017, we created a product for ransomware detection. And when we went to sell it to customers, what we heard was we don't have a cyber problem. We are looking for regular backup and recovery for natural disaster or human error. So we kept advocating about cyber recovery. We kept building our cybersecurity products. We built data classification engine. We built the scope of attack issue. Then we built data threat engine, but the market was not ready. And lo and behold, in 2018, 2019, when the ransomware started to happen at a scale, Rubrik was the only game in town in terms of a unique product purpose built for that moment to deliver fast cyber recovery.
Dave Vellante
>> Okay. So you were a little bit early maybe. You don't want to be late. You don't want to be way too early because there'll be no business there, but you kind of timed it, right? I mean, it's good to have foresight and a little bit of luck. Is that fair?
Bipul Sinha
>> 100%. You have to be two miles ahead of your customers. If you're 200 miles ahead of your customer, they'll write you off. But if you're just two miles ahead and showing them that you understand their problem, but you also anticipate what is around the corner for them, that's when you establish a long-term relationship.
Christophe Bertrand
>> So I have a question for you, which is a perfect segue. Is this now the time of cyber resiliency or cyber resilience for AI, or is it AI for cyber resiliency, or is it both?
Bipul Sinha
>> The way I think about cybersecurity is traditional cybersecurity was built to prevent and detect attack, but you can't prevent the unpreventable. And now with AI assisted attack and AI acceleration, we are in a singularity moment where you cannot stop attacks as much as you try to stop it. So every business has to think about fundamental resilience. The second issue is with geopolitics, nation state actors, hot war and attack on data center or AI infrastructure, now we are truly living in a world where resilience is a national priority. Resilience is a societal priority. Resilience is a business priority, both in terms of digital infrastructure. So AI is a new technology wave and just like all the digital infrastructure requires resilience, AI also needs resilience.
Christophe Bertrand
>> Right. So our research shows at theCUBE Research shows that the nascent AI infrastructure is actually not well protected. Most organizations do not back up most of their infrastructure. So that's one aspect. The basic old backup, are you backing up this new application, workload, whatever you want to call it? And it's very typical. We've seen that many times through the years. New forms of technology come out. They don't get backed up because people don't wake up in the morning thinking about that. It's not about backing up though. It's about recovery. So that's number one. Number two, what we're also seeing is the AI infrastructure itself is being attacked. Literally, people are trying to go poison models or steal data or steal models, steal IP, or even negate all of the efforts by blowing up the actual investment. What are you seeing? Where are we in terms of the type of threats you've seen, what you've been able to help with? I'm very curious about that.
Bipul Sinha
>> There are three aspects of AI protection. One is the AI infrastructure and data protection. That is no different than the traditional data security, data protection and recovery. So that's like the basic hygiene. You need to make sure your data has integrity and data has availability, otherwise you have garbage in, garbage out problem. Second piece is, how do you ensure that models itself are protected from poisoning and other attack? And then the third aspect is now as you are doing agentic work, agents have two problems. They hallucinate and they are also prone to cyber compromise. And if agents are compromised, then you have a semblance of an insider attack where somebody can actually run your business processes. So what we are doing is we are definitely doing making sure that the agent data and infrastructure is cyber resilient. We are ensuring that things that go in and out into your agents and model, they are kosher. And then the third piece is when agents take an action, is this action in compliance with your policies dynamically? We just announced Sage yesterday. Sage is the semantic AI governance engine where we are actually using AI specifically tuned and trained on your policies to be the guardian AI to judge agentic action. This is one of its kind industries first, guard railing AI products.
Dave Vellante
>> So Sage is what, a deterministic complement to the probabilistic agents, or is that right the way to think of it?
Bipul Sinha
>> So Sage is a small language model specifically tuned on your policies so that it can judge where the agent action, whether agents are hallucinating or intentionally taking bad action or cyber compromise, dynamically stop bad action. So for example, Dave, suppose you have an agent that is supposed to send emails that you don't want the agents to send an email to everybody in theCUBE all the time. So what you want to do is although agent has the permission to send email, every time you send email, you look at the payload and say, "Do I allow it or not?" And that's a new dynamic control that only AI can do because it is about understanding agentic intent that old cybersecurity teams that is doing a rule-based policies can never catch.
Dave Vellante
>> So you built a semantic layer, essentially, a purpose-built semantic layer for your particular use case, customers?
Bipul Sinha
>> Well first, build AI.
Dave Vellante
>> Yep. Okay.
Bipul Sinha
>> That is actually the judge AI, guardian AI, to watch your agentic action.
Dave Vellante
>> And how do you think about these LLMs, the four big frontier models that are so powerful? Do you use them to train your small language model? What's your relationship with those?
Bipul Sinha
>> The core issue is that if you're using the large frontier model to judge agentic action, then you have double, triple the cost of every agentic action. You need to have a low latency guardian model that is very, very accurate on your policies. And this is where a small language model comes in. And this is what the product that we acquired with Predibase, those guys were doing model fine-tuning and GPU virtualization to multiplex different model and reduce the cost of inference. So we took that technology and then purpose built it as Sage to be the guardian model to judge agentic action.
Dave Vellante
>> And your cost per token is so much lower.
Bipul Sinha
>> So much lower.
Dave Vellante
>> So much more efficient. Do you see ... I'm sure you do, because you're quite a visionary. What new revenue models do you see emerging in this? People talk about tokenomics, this token economy. Are there new revenue models that you see emerging for Rubrik?
Bipul Sinha
>> 100%. See, the issue is everybody got confused by AI assistant. AI is not to assist on human beings. AI is to take our mundane work and complete end to end, eliminate human beings from mundane work. If AI is assisting you, then you are still living in the digital era. We are in the AI era where AI is doing the work. So now think about, if AI is doing the work, then you have gone beyond the software model, because software was assisting human and making human more productive. But if AI is doing the whole work, then you have software plus the human cost and mundane labor that you can completely automate. So it'll open up a whole new business model, but the mindset has to be that AI is doing actual work and humans are doing the orchestration of the work.
Dave Vellante
>> So that's a completely new business model, different pricing model.
Bipul Sinha
>> 100%. But for this business model to succeed, you need guardrails, because if you have a compromised agent, which is an insider attack, then the damage that it can do is 100x more.
Christophe Bertrand
>> Well, actually I'd like to follow up on that guardrails. And I agree, by the way, with what you just said, what about data itself? I mean, the one thing I haven't heard quite yet is data being really compliant, governed on top of that, so that when an agent takes care in your model of the mundane work and all the way through, or talks to other agents to get to an outcome that you know you haven't broken any compliance regulations, you haven't used data you shouldn't be using. I find that hard today to believe when most people don't have their act together when it comes to basic data management. So is it something that can happen in phases over time, or do you see some specific use cases that are ready for right now? Because I feel like there's so much that hasn't been done as a foundation that we can't even get to that next level.
Bipul Sinha
>> That's actually a very, very good question. And my thought is that it'll be a long time before people can have their act together on data. And I would say it's impossible to do.
Christophe Bertrand
>> Maybe never, right?
Bipul Sinha
>> And maybe never, but there is a lot of pressure from board, from CEO to adopt AI. So what will happen on what is happening in the industry is people are trying to bring their data to order as much as possible, and then ensuring through design time access to sensitive data, to dynamically just in time creating control on agentic identity, plus the runtime guardrail on actual agentic action to ensure that it is compliant with your business policies. And then what Rubrik does also is the rewind that if the agent took bad action, how do you undo or rewind the action of an agent? All of it together will accelerate the AI journey because it's about defense in depth. So clean data as much as possible, then have control and access on that data, then dynamically do just in time provisioning, then dynamically create guardrail for business processes to do the right action and then have an ability to undo.
Dave Vellante
>> And that's non-intuitive. Early on, exactly. People said, "Well, we got to clean up our data before we spend any money on AI." And the opposite is true. Get your data in somewhat order, but not too much. Let the AI help cleanse and harmonize the data. I mean, what you just announced with Sage is a great capability that you can then use to take care of your data. It doesn't mean you have to clean up your whole data estate. And I've found this from speaking to large banks, large manufacturers as well, they initially went into it with reticence because their data wasn't in order and they found it's better to get on the AI curve, let the data help or the AI help cleanse the data. And that was kind of non-intuitive in the early ...
Bipul Sinha
>> Look, at the end of the day in enterprise, there is no revolution. Everything is evolution. And the way it evolves is, there are very, very smart people sitting in these large banks, insurance companies, and they're saying, "How do I adopt AI safely while I am transforming all my other system, modernizing the system?"
So again, it all happens in parallel. It's an evolutionary process, but most important thing is that are you applying agents to do the work? Because if you're not doing agentic work, then you're falling behind because your competition, that is adopting AI can have a lower cost of operations, can have faster product to market. So do you wait for your house to be in order with respect to data before you can jump into it, or you can evolutionary change and deliver AI to the business so that you are in business?
Dave Vellante
>> Well, in that context, Bipul, what do you think about something like OpenClaw, which is talk about the Wild West? I mean, you've got to have, to your point, you got to have governance there, but at the same time, it's a great opportunity for organizations to Claw their business and make their business agentic. It's also huge risk and an opportunity for a company like Rubrik.
Bipul Sinha
>> I mean, look, OpenClaw showed to the world of what is power of an agent is, but it also showed it can do tremendous damage. So it brought the focus that this problem cannot be solved by just giving the right identity. That's one aspect to this problem, but this problem has to be solved by understanding the intent of an agent. And then you can only understand the intent by applying neural, which is applying AI to actually control AI. Because again, we are not in the human world anymore. You are trying to understand agentic intent at the speed of change that agent is forcing you to do. And this is where our idea of applying Sage, which is an AI model to judge agentic action, this is where the world is going.
Christophe Bertrand
>> I have a quick question for you. You're a leader obviously in the space of cyber resilience, AI for cyber resilience. What do you think about current regulations? Are there too many? Should government get more involved or less involved? We just saw some new rules or new suggestions from the executive offices, kind of undoing the previous one, which will probably be undone by the next one. Of course, there's Europe trying to overregulate everything. Where do you stand? What do you think this conversation should be with governments? What is your take as a global business on all of these regulations? Are they good? Do we need some? How much do we need to do not to stifle innovation too much, but still provide some actual societal guide rails and national security guardrails in many cases?
Bipul Sinha
>> The way I think about regulation, specifically for a new space such as AI, is to be soft touch in the beginning, to then understand the implications of it and let it flourish. But once it starts to flourish and it gets into different organizations, we see the acceleration. Then we understand what are the unintended consequences that could happen because of this technology, and that's when you start to put regulatory guardrail. I love regulations because it creates equal playing field done right, but regulation is one of those things that getting exactly right is hard. Either you don't do it or you overdo it. That's why it's always better to understand what are we regulating, otherwise we could have more regulations and less companies. We don't want that.
Dave Vellante
>> No. So the market will eventually get things right. It's hate SaaS now and ARR. You're putting up some pretty big numbers of 34% ARR growth, 120% NRR. Your win rates went up to 90%, which I think previously you were sort of talking about 80s and there was some pushback from analysts or maybe not pushback, but concern over how much runway was left. But what's driving the momentum in your business? What does the market have right? What does the market have wrong?
Bipul Sinha
>> So first of all, Rubrik is a data infrastructure company. We are not one of those fly by night marketing automation company. If Rubrik doesn't work, banks come to stand still. Hospitals can't serve their patients. It is a mission-critical system. That's number one. We've built complex software that has years and years of R&D and customer feedback and experience across thousands of enterprises built into the platform. It cannot be vibe coded. And then the third thing is, we built our platform purposefully for cyber recovery, cyber resilience. We are not one of those legacy architecture that is masquerading as cyber resilience. Since we have purpose built it, we have this preemptive recovery engine that pre-calculates what is a clean data state before the attack so that as soon as attack happens, we are ready to recover. And that makes the difference whether you are up and running in hours or down for weeks and months. You have seen news of companies that have been down for very, very long time. And these ability to deliver fast recovery, Rubrik is uniquely designed platform. Our competition has no such capability. So when we go head-to-head and they test our product with respect to our competition, we have 90% plus win rate.
Dave Vellante
>> So how does that work? So obviously your recovery time can be fast. I get that part. But the amount of data loss was of course going to vary by the impact of the incident. Can you recover a certain portion and then sort of stage that recovery? Or are you able to take a wider observation space? What's the sort of secret sauce there?
Bipul Sinha
>> Rubrik has like autonomous and intelligent recovery. I'll give you an example. For our M365, if you're a large institution with 100,000 users, you don't want to recover all users at the same time because it'll take long time for your CEO can log in. So we have something called prioritized recovery where you can divide your users into tiers and then we do tiered recovery. Then we also do breadth first. So we recover only three, four weeks worth of data for everybody before we go recover the cold data. We have a new feature called autonomous recovery where we track which objects have been touched in the last couple of weeks and we go recover those things first before recover the rest of the world. So the Rubrik, again, we purposefully build this platform for cyber recovery and the recovery time objective is the difference between a business is in business or not. So our goal is hospitals should continue to have ATM operated ... Sorry, hospitals would continue to deliver patient care, banks would continue to deliver their ATM services, business should continue to be in business even when they are confronted with cyber attack.
Dave Vellante
>> You had mentioned before how sophisticated your software is. And I think that sometimes there's a misperception about Rubrik, because in early days, you made a mark because you were so much simpler than the legacy tooling. And so people associated that maybe with, didn't understand quite the depth and what you just explained is non-trivial to create. So congratulations on getting where you are. The best is yet to come as we were talking about earlier.
Bipul Sinha
>> We have a big ambition. We want to build Rubrik into a generational company and generational company can only be built on culture, company culture, great technology, but always track the market and always reinvent yourself. When we first built a product, we said, "If something is built in 2014, you should not have job scheduling, because that was built for a tape era." So we removed that. People saw it and said, "Oh my God, it doesn't have jobs. How do you do it?" But our idea was that in 2014, if we can't tell you what is a better way to protect your data, then we have failed you because we are taking you in the '80s and '90s era. So our goal has always been be two miles ahead of the customers, deliver the best technology, beam from the future into their hands, and learn from them that where their business is going, what is their strategy, and serve to the fullest extent.
Dave Vellante
>> We're out of time, but I would love to come take you up on your offer, to come to your offices and have a much longer discussion about culture, your background, where you came from, how you started this company, your thoughts on this country, and I would love to do that.
Bipul Sinha
>> I would love to have this opportunity. I'll tell you why I think I'm more American than American.
Dave Vellante
>> Let's leave it there and I would love to pick up on that next time I see you. All right.
Bipul Sinha
>> Thank you, Dave.
Dave Vellante
>> Thanks very much. Appreciate it. All right. And thank you for watching. This is Dave Vellante for Christophe Bertrand, we're at RSAC 2026 live. We'll be right back on theCUBE right after this short break.
Dave Vellante
Christophe Bertrand