Cybersecurity Builders

Joni Klippert⁠ didn't come from security. She came from DevOps — two companies, including VictorOps, which she joined as the first non-engineering hire and helped bring to market. At conferences like DevOps Days Enterprise, she kept running into the same frustrated security teams: they knew they couldn't keep up with the pace of software delivery, but their only move was to act as a gate. That observation, paired with her co-founder Scott Gerlach's decade of practitioner experience — including CISO at ⁠SendGrid⁠ through its acquisition by Twilio — became StackHawk: a dynamic application security testing platform that puts runtime vulnerability testing directly into the CI/CD pipeline, built for the engineers writing the code. In this episode, Joni breaks down how she abandoned her original PLG thesis when enterprise came knocking, how AI-accelerated software delivery has created a structural problem for static analysis tools that benefits StackHawk, and why category definition in AppSec is less about analyst quadrants and more about being precise about what you test and how.TOPICS DISCUSSEDWhy a DevOps founder built her third company in cybersecurityThe structural ceiling in engineering-led PLG deals — and what it signals about ICPHow StackHawk's first major enterprise logo arrived inbound and changed the GTM thesisRotating segment focus when market conditions compress SMB security budgetsWhy AI-accelerated code delivery is a tailwind for runtime testing and a headwind for static analysisBuilding a bridge product for aspirational enterprise buyers who aren't yet DevOps-nativeCategory definition when you don't fit cleanly into AppSec or API securityWorking with analysts on emerging categories like DAST in the age of AIThe organizational misalignment between engineering velocity goals and AppSec team operating models// Sponsors: Front Lines — We help B2B tech companies launch, manage, and grow podcasts that drive demand, awareness, and thought leadership.⁠ www.FrontLines.io⁠The Global Talent Co. — We help tech startups find, vet, hire, pay, and retain amazing marketing talent that costs 50-70% less than the US & Europe.⁠ www.GlobalTalent.co⁠//Don't Miss: New Podcast Series — How I Hire Senior GTM leaders share the tactical hiring frameworks they use to build winning revenue teams. Hosted by Andy Mowat, who scaled 4 unicorns from $10M to $100M+ ARR and launched Whispered to help executives find their next role. Subscribe here:⁠ https://open.spotify.com/show/53yCHlPfLSMFimtv0riPyM⁠

Mehul⁠ spent over 20 years building cybersecurity products, including early time at Tenable where he watched the company scale from a scrappy startup to a billion-dollar platform. Now he's co-founding ⁠Quantro Security⁠, which just came out of stealth with an AI agent platform built specifically for cyber defense. The core thesis: AI has reduced the cost of building attacks to near zero, and static rules-based defense tools weren't built for what's coming.Topics Discussed:How AI reduced the cost of exploit development and what that means for defendersWhy Quantro Security rejects CTEM, risk-based VM, and every existing categoryThe "user interface of record" positioning vs. the "system of record" frame most AI companies chaseThree competitive buckets: hyperscalers, siloed point tools, and internal build teamsWhy agents should be prompting humans, not the other way aroundThe vision for a small elite security team managing 50 to 100 purpose-built AI agentsKey Insights:AI-native offense requires AI-native defense. Mehul's core thesis isn't speculative — it's built on what he watched happen to his own craft. Writing vulnerability exploits once required deep skill and months of work. AI collapsed that barrier. "So now an attacker can essentially build a functional exploit with just a prompt." The implication for defenders is direct: the tools built for the old pace won't be sufficient for the new one.Rejecting every existing category. When Quantro came out of stealth, the obvious move was to slot into CTEM or risk-based vulnerability management. Mehul passed. "Are you a CTEM player? Are you a risk-based VM player? Are you VM player? Well, no, no, no, none of that." The existing categories imply replacing tools. Quantro's frame is different: become the connective layer on top of what customers already have.User interface of record, not system of record. Most AI companies pitch replacing core platforms. Quantro's pitch is the opposite: "We don't replace the tools. We just make their existing tools much more, much more effective." Enterprises aren't ripping out entrenched infrastructure. They want ROI from what they've already bought.The barbell competitive map. Mehul frames the landscape as a barbell: hyperscalers ("a mile wide, a millimeter deep") on one end, siloed point tools (deep in their own data, blind to organizational context) on the other. Quantro positions as the connective tissue between them.The 50% false positive tax. When Mehul talks to security prospects, the same reality surfaces: "Almost 50 % of the time is triaging false positives, reaching out to the people." Asset ownership is unclear. Handoffs break down. None of it moves the risk needle. The agents absorb that work.//Sponsors:Front Lines — We help B2B tech companies launch, manage, and grow podcasts that drive demand, awareness, and thought leadership.⁠ www.FrontLines.io⁠The Global Talent Co. — We help tech startups find, vet, hire, pay, and retain amazing marketing talent that costs 50-70% less than the US & Europe.⁠ www.GlobalTalent.co⁠//Topics Discussed:GTM Lessons For B2B Founders:Don't Miss: New Podcast Series — How I Hire Senior GTM leaders share the tactical hiring frameworks they use to build winning revenue teams. Hosted by Andy Mowat, who scaled 4 unicorns from $10M to $100M+ ARR and launched Whispered to help executives find their next role. Subscribe here:⁠ https://open.spotify.com/show/53yCHlPfLSMFimtv0riPyM

Identity fraud spiked 148% in 2025 as AI democratized identity fabrication. Financial institutions now face a fundamental question: Are you dealing with a real human? Heka Global is addressing this with web intelligence—analyzing digital footprints like connected applications rather than traditional signals. In this episode of BUILDERS, I sat down with Idan Bar-Dov⁠, Co-Founder & CEO of ⁠Heka Global⁠, to explore how his company created a fourth layer in the anti-fraud stack and why legacy identity verification systems are becoming liabilities rather than assets.Topics Discussed: The emergence of "fraud as a service" and why consumer-facing attacks replaced traditional enterprise breaches How web intelligence works: validating identity through connected applications and digital footprints The anti-fraud tech stack: credit bureaus, biometrics, transaction analytics, and web intelligence as distinct layers Why heads of fraud expand budgets rather than replace vendors, and what causes solutions to get kicked out The partnership sales model: navigating vendor management complexity and red tape in financial institutions Why 10-person dinners and fraud simulations outperform traditional enterprise marketing How Barclays and Cornerback backing solved the chicken-and-egg problem for a data product Why specific fraud prevention messaging (account takeover, synthetic identities) beat investor credibilityGTM Lessons For B2B Founders:Target ICP based on liability exposure, not just industry fit: Heka narrowed beyond "financial institutions" to lenders who bear immediate losses from fraud—companies like LendingPoint, Avant, and Upstart. These buyers feel the pain acutely versus institutions with reimbursement terms who can deflect liability. Idan's insight: "We need the client to feel the pain just as much as we see it. That means we want them to see the liability." Frame your product as a new stack layer, not a competitive replacement: Heka positioned web intelligence as the fourth distinct layer after credit bureaus, biometrics, and transaction analytics. This became their second pitch deck slide, showing logos of each category. The result: buyers stopped comparing Heka to existing vendors and started evaluating complementary value. Abandon spray-and-pray for sub-1,000 TAM markets: Heka tested Lemlist flows with targeted LLM personalization and saw zero pipeline from it. Idan's take: "When you're selling to maybe a thousand financial institutions, that's it. You can be super specific when you target them." For enterprise plays with small addressable markets, allocate zero budget to automated outbound. Focus entirely on warm introductions, relationship nurturing, and becoming known to every relevant buyer through content and community.Leverage investor networks to break data product cold-starts: Data products face a critical barrier—you need customer data to prove value, but need proven value to get customers. Heka solved this by bringing on Barclays and Cornerback as investors who vouched for the team's capability to "do magic and create a new layer." Their backing convinced risk-averse financial institutions to pilot. // Sponsors: Front Lines — We help B2B tech companies launch, manage, and grow podcasts that drive demand, awareness, and thought leadership.⁠ www.FrontLines.io⁠The Global Talent Co. — We help tech startups find, vet, hire, pay, and retain amazing marketing talent that costs 50-70% less than the US & Europe.⁠ www.GlobalTalent.co⁠//Don't Miss: New Podcast Series — How I Hire Senior GTM leaders share the tactical hiring frameworks they use to build winning revenue teams. Hosted by Andy Mowat, who scaled 4 unicorns from $10M to $100M+ ARR and launched Whispered to help executives find their next role. Subscribe here:⁠ https://open.spotify.com/show/53yCHlPfLSMFimtv0riPyM

Portnox⁠ is an enterprise access control platform that eliminates passwords and enforces zero trust security. The company was bootstrapped for over a decade, plateauing at a few million in ARR before investors brought in ⁠Denny LeCompte⁠ as CEO four years ago. Since then, Portnox has grown 8x. But this episode isn't about that growth story. Denny, a former cognitive scientist and professor who taught psychometrics, uses his scientific background to systematically dismantle Net Promoter Score—explaining why it's methodologically flawed, how it misleads organizations, and which metrics actually correlate with business performance. This is a contrarian take grounded in measurement science, not marketing opinion.Topics Discussed:The fundamental psychometric flaws in NPS: why single-item questionnaires are unreliable and why throwing out 7s and 8s violates basic statistical principlesHow NPS scores fluctuate based on survey UI presentation independent of actual customer sentimentWhy NPS creates incentive structures that encourage gaming rather than improving customer outcomesThe case for gross revenue retention and net revenue retention as the only ungameable metrics that matterHow measuring human behavior changes that behavior (the Heisenberg principle applied to business metrics)Why investors care about retention rates above 90% but don't ask about NPS scoresGTM Lessons For B2B Founders:Single-item questionnaires violate measurement principles: Denny's background in psychometrics immediately flagged NPS as unreliable. One-item measures lack the redundancy needed for reliability, and the methodology of throwing out middle responses (7s and 8s) then subtracting detractors from promoters is statistically nonsensical. At a previous company with thousands of data points, he observed NPS scores drop and rise based solely on how the survey rendered on the page—no business changes, just UI differences. Compensation drives behavior more than metric accuracy: Portnox structures customer success compensation as 50% gross revenue retention and 50% net revenue retention. These are determined by finance and can't be manipulated. Denny had to rein in his CS team when they became overly focused on time-to-value because any number you give a team becomes their obsession. With NPS, teams game survey timing, cherry-pick recipients, and optimize for score rather than outcome. Investors evaluate retention rates, not satisfaction surveys: When Denny presents gross retention above 90%, investors don't ask about NPS. Renewal behavior reveals actual satisfaction—customers voting with budget rather than survey responses. The test for any metric: "What are we doing differently if this number is up versus down?" If it doesn't drive distinct actions or reveal information not already visible in financials, eliminate it. Question inherited practices ruthlessly: NPS gained adoption through Harvard Business Review credibility in 2003 and consulting firms building practices around it. The promise of "one number you need" appeals to executives wanting simple solutions. But herd behavior—"everyone else measures it"—perpetuates bad methodology. Sponsors:Front Lines — We help B2B tech companies launch, manage, and grow podcasts that drive demand, awareness, and thought leadership.⁠ www.FrontLines.io⁠The Global Talent Co. — We help tech startups find, vet, hire, pay, and retain amazing marketing talent that costs 50-70% less than the US & Europe.⁠ www.GlobalTalent.co⁠//Don't Miss: New Podcast Series — How I Hire Senior GTM leaders share the tactical hiring frameworks they use to build winning revenue teams. Hosted by Andy Mowat, who scaled 4 unicorns from $10M to $100M+ ARR and launched Whispered to help executives find their next role. Subscribe here:⁠ https://open.spotify.com/show/53yCHlPLSMFimtv0riPyM

Sophos⁠ represents one of cybersecurity's most vulnerable companies, founded in 1985 as an antivirus provider and now operating at massive scale with $1.5 billion in ARR and 5,700 global employees. Under CEO Joe Levy's leadership, the company has undergone a fundamental transformation from a traditional product-focused vendor to a services-driven platform that addresses core market failures in cybersecurity. In a recent episode of Category Visionaries, we sat down with ⁠Joe Levy⁠ to learn about the company's pivot to managed detection and response (MDR) services, their $860 million SecureWorks acquisition, and their vision for democratizing cybersecurity strategy across millions of organizations worldwide.Topics Discussed: Sophos's evolution from antivirus origins through multiple business model reinventions over four decades The strategic pivot to managed detection and response (MDR) services starting in 2018-2019 Building organizational support for major business model changes through experimental frameworks Managing channel partner relationships during service transformation with 25,000 global partners The $860 million SecureWorks acquisition and integration strategy to achieve category leadership Scale as a competitive advantage in cybersecurity platform operations The future vision of democratizing cybersecurity through "virtual CISO" services at massive scaleGTM Lessons For B2B Founders:Address systemic market failures through business model innovation: Joe identified that cybersecurity's core problem wasn't technology quality but post-sale execution. "As an industry we have been really good at buying and selling products, but we've never been good. In fact, we've been terrible at their implementation and their lifecycle management." This insight led to Sophos's services transformation. Structure major strategic pivots as controlled experiments: When proposing the MDR services pivot, Joe framed it as a measurable experiment rather than a leap of faith. "The conversation primarily consisted of, I want to run an experiment. Invest heavily in stakeholder alignment during business model transitions: The most challenging aspect wasn't technical but maintaining relationships with 25,000 channel partners who might view new services as competitive threats. Shift sales focus from product features to guaranteed outcomes: Sophos had to retrain their sales organization for services selling. "The fundamental difference between selling a product and selling a service is... what the expectations of the outcome that service is going to provide for them." Use strategic M&A to achieve immediate category leadership: Rather than relying solely on organic growth, Sophos accelerated their MDR strategy through the $860 million SecureWorks acquisition. "It technically makes us the largest MDR operator, pure play cybersecurity MDR operator... on the planet today." Build scale as a defensible competitive advantage: Joe argues that scale is "an often overlooked but a critically important element when it comes to the selection of information technology vendors." In platform businesses handling massive data volumes and real-time operations, the ability to operate at scale becomes a key differentiator.  // Sponsors: Front Lines — We help B2B tech companies launch, manage, and grow podcasts that drive demand, awareness, and thought leadership.⁠ www.FrontLines.io⁠The Global Talent Co. — We help tech startups find, vet, hire, pay, and retain amazing marketing talent that costs 50-70% less than the US & Europe.⁠ www.GlobalTalent.co⁠//Don't Miss: New Podcast Series — How I Hire Senior GTM leaders share the tactical hiring frameworks they use to build winning revenue teams. Hosted by Andy Mowat, who scaled 4 unicorns from $10M to $100M+ ARR and launched Whispered to help executives find their next role. Subscribe here:⁠ https://open.spotify.com/show/53yCHlPfLSMFimtv0riPyM

Wultra⁠ provides post-quantum authentication for banks, fintechs, and governments—protecting digital identities from emerging quantum computing threats. In this episode, ⁠Peter Dvorak⁠ shares how he broke into the notoriously closed banking ecosystem by leveraging his early experience in mobile banking development. From navigating multi-stakeholder enterprise sales to positioning quantum-safe cryptography when the threat timeline remains uncertain (consensus: 2035, but could accelerate), Peter reveals the specific strategies required to sell mission-critical security infrastructure to regulated financial institutions.Topics Discussed:How post-quantum cryptography runs on classical computers while protecting against quantum threatsWhy European banking regulation drives global authentication standardsThe multi-stakeholder sales process: quantum threat teams, CISOs, CTOs, and digital product ownersConference strategy and analyst relationships (Gartner, KuppingerCole) for category positioningBanking budget cycles and why June/July approaches failBreaking the "who else is using this?" barrier with banking-specific proof pointsPositioning as the only post-quantum cryptography provider for digital identity in bankingGTM Lessons For B2B Founders:Layer future-proofing onto immediate ROI: Post-quantum cryptography doesn't require quantum computers to function—it runs on classical infrastructure while providing superior security. Peter sells banks on moving from SMS OTP to mobile app authentication (tangible, immediate benefit) while positioning quantum resistance as migration insurance: "You won't have to rip-and-replace in three years."Give struggling departments concrete wins: Large banks have quantum threat teams tasked with replacing every piece of software by 2030-2035. Peter gives them measurable progress: "We move you from 5% to 10% completion on authentication and digital identity." These teams need defensible projects to justify their existence. Banking references are binary gatekeepers: Every bank asks "who else is using this?" Non-banking customers (telcos, gaming, lottery) don't count—banking regulation and systems are fundamentally different. The first banking customer is the hardest barrier. Once cleared, subsequent conversations become tractable. Respect the annual budget cycle: Banks allocate resources 12 months ahead. Approaching in Q2/Q3 means budgets are locked—even free POCs fail because internal resources are committed. Peter's pipeline strategy: build relationships and maintain visibility throughout the year, then activate when budget windows open. Map and sequence multi-stakeholder buys: Authentication purchases require alignment across quantum threat teams (if they exist), cybersecurity/compliance, CTO/CIO (infrastructure acceptance), and digital product owners (UX concerns affecting their KPIs). Start at director level—board executives are too removed from technical details. EU regulatory leadership creates expansion vectors: European regulations like PSD2 and strong authentication requirements get replicated in Southeast Asia, MENA, and other regions. Peter benefits from solving EU compliance first, then riding regulatory diffusion. The US remains fragmented with smaller regional banks still using username/password. //Sponsors: Front Lines — We help B2B tech companies launch, manage, and grow podcasts that drive demand, awareness, and thought leadership.⁠ www.FrontLines.io⁠The Global Talent Co. — We help tech startups find, vet, hire, pay, and retain amazing marketing talent that costs 50-70% less than the US & Europe.⁠ www.GlobalTalent.co⁠//Don't Miss: New Podcast Series — How I Hire Senior GTM leaders share the tactical hiring frameworks they use to build winning revenue teams. Hosted by Andy Mowat, who scaled 4 unicorns from $10M to $100M+ ARR and launched Whispered to help executives find their next role. Subscribe here:⁠ ⁠⁠https://open.spotify.com/show/53yCHlPfLSMFimtv0riPyM

In today's episode of Category Visionaries, we speak with ⁠Mike Janke⁠, Co-founder of ⁠Data Tribe⁠, a venture capital firm driving change through a whole new approach to investing, about how a hyper-targeted and hands-on approach has helped them achieve a 96% success rate when it comes to guiding their partners to transformative market change and, ultimately, commercial viability. By carefully selecting only truly innovative startups and embedding deep in their operations, Data Tribe are making a name for themselves and their world-changing technologies.We also speak about Mike’s unorthodox entrance into the startup sector from a background in the military, what really excites him about the investment cycles he’s involved in, why so many of Data Tribe’s partners originate from the state-supported sector, and why there’s no real way to scale the Data Tribe hyper-focused approach to venture beyond a few hand-picked partners.Topics Discussed:Mike’s path to venture capital, from the military to being a six-time founder in the startup tech sector and beyondThe deluge of investment funding innovation in the state sector, and how Data Tribe helps build-out commercial viability beyond itHow Data Tribe ended up behind six of the World Economic Forum’s ‘technologies of the year.’Why Data Tribe focus on a small number of hand-selected partners, and what makes their approach impossible to scale furtherWhat makes for a good investment pitch, and why you should always leave it to the investor to set the valuationWhy category creation isn’t a panacea, and why an innovative technology will guarantee a new category if it’s truly transformative

BlueRock is building an agentic security fabric to protect organizations deploying AI agents and MCP workflows. With a $25 Million Series A, founder Bob Tinker is tackling what he sees as a 10x larger opportunity than mobile's enterprise disruption. Bob previously scaled MobileIron from zero to $150 million in five years and took it public in 2014. In this episode of Category Visionaries, Bob shares the strategic mistakes that cost MobileIron its category positioning, why go-to-market fit is the missing framework between PMF and scale, and how B2B marketing has fundamentally transformed in just 18 months.Topics Discussed:Taking a company public: the killer marketing event versus the unexpected team psychology challenges of daily stock volatilityWhy agentic AI workflows create unprecedented security challenges at the action and data layer, not just promptsThe strategic timing of category definition: MobileIron's cautionary tale of letting Gartner define you as "MDM" when customers bought for securityWhere enterprise buyers actually get advice now that Gartner's influence has diminishedAEO (Answer Engine Optimization) replacing SEO as the primary discovery mechanism for B2B solutionsWhy 1.0 categories have fundamentally unclear ICPs versus 2.0/3.0 products with crisp buyer personasThe "high urgency, low friction" framework for prioritizing what to build in nascent marketsGo-to-market fit: the repeatable growth recipe that unlocks scaling post-PMFUnlearning as competitive advantage for second-time foundersGTM Lessons For B2B Founders:Time your category noun definition strategically: MobileIron focused exclusively on solving the problem (the verb) but waited too long to influence category nomenclature. Gartner labeled it "Mobile Device Management" when customer purchase drivers were security-focused, not management. Use customer language as category discovery, not invention: Bob's breakthrough on BlueRock positioning came from asking prospects: "How would you describe what we do to your peers?" One prospect distinguished their focus on "the action side - taking AI and taking action on data and tools" versus prompt inspection and AI firewalls. Engineer for the "high urgency, low friction" intersection: Bob's filtering criteria for BlueRock's roadmap requires both dimensions simultaneously. When a prospect revealed they were building their own MCP security tools - a signal of acute, unmet pain - they also asked BlueRock to add prompt security features. Accept ICP ambiguity as a feature, not bug, of 1.0 markets: In 2.0/3.0 categories, you can target "VP of Detection & Response" with precision. In 1.0 markets like agentic security, Bob finds buyers across three distinct orgs: agentic development teams building secure-by-default systems, product security teams inside engineering (not under the CISO), and traditional security organizations. Shift content strategy from SEO to AEO immediately: Bob identifies the clock speed of marketing change as "breathtaking" - what worked 18 months ago is obsolete. The specific shift: ranking above the fold in Google search is now irrelevant. Treat go-to-market fit as a distinct inflection point: Bob observed a consistent pattern across MobileIron, Box (Aaron Levie), Citrix (Mark Templeton), Palo Alto Networks (Mark McLaughlin), and SendGrid (Sameer Dholakia) - all hit PMF, hired salespeople aggressively, burned cash, and stalled growth while boards grew frustrated. Build community as primary discovery in fragmented buyer markets: Bob's most different GTM motion versus five years ago: "We're just out talking to prospects and customers - individual reach outs, hitting people up on LinkedIn, posting in discussion boards, engaging with the community." Practice systematic unlearning as second-time founder discipline: Bob's most personal insight: "What really got in my way wasn't what I needed to learn. It was what I needed to unlearn."

Nightfall AI is pioneering AI-native data loss prevention (DLP) for enterprises navigating cloud, SaaS, and AI application proliferation. Founded in 2017 by former Uber engineers who witnessed data breaches firsthand, Nightfall addresses the architectural limitations and false positive problems plaguing legacy DLP solutions. By leveraging machine learning and large language models across three distinct layers—content classification, risk assessment, and forensic investigation—Nightfall delivers 10x accuracy improvements while enabling secure AI adoption. In this episode of Category Visionaries, I sat down with Rohan Sathe, Co-Founder & CEO of Nightfall AI, to explore their strategy for displacing entrenched incumbents and positioning as the security enabler for organizational AI deployment.Topics Discussed:Nightfall's founding thesis addressing DLP coverage gaps created by cloud and SaaS migrationThree-layer AI architecture: content classification, behavioral risk analysis, and agent-assisted forensicsPositioning against legacy DLP's rules-based approaches and exact data match workaroundsMarket education shift post-ChatGPT: from "don't use AI" to "enable AI securely"Purple brand differentiation strategy in security's dark-themed visual landscapeConference ROI reallocation: executive suite meetings versus booth presence at RSA and Black HatMid-market to enterprise expansion pattern through peer-to-peer word-of-mouthFounder-led LinkedIn strategy balancing market education with competitive displacement narrativesSales team composition: domain practitioners versus traditional sales profilesGTM Lessons For B2B Founders:Structure POVs to prove quantifiable superiority on one dimension: Rohan revealed Nightfall benchmarks against Google and Microsoft DLP APIs, demonstrating 10x accuracy improvements during proof-of-value cycles. When challenging mature categories, identify the single metric where you demonstrably outperform and architect evaluations to surface that gap. Deploy AI across three workflow layers, not as a monolithic feature: Nightfall applies AI distinctly at content classification (identifying sensitive data with high precision), behavioral analysis (distinguishing risky data movement from standard workflows), and investigation assistance (helping analysts focus forensic efforts). Replace field marketing spend with curated CISO access: Nightfall redirected budget from RSA and Black Hat booths to private suites hosting scheduled executive meetings. Rohan emphasized engaging "chief information security officers who sign the checks" in intimate settings rather than booth traffic. Design 8-person dinners as vendor-neutral industry forums: Nightfall hosts 3-4 annual dinners with 5-7 prospects and 2-3 team members (founders, head of product) structured around industry developments—like OpenAI's agent workflow builder and security implications—not product pitches. Hire former practitioners into quota-carrying roles: Rohan identified hiring former DLP security operations analysts as account executives or solutions architects, mirroring trends in legal tech and HR tech. Use LinkedIn for two narratives: market education and competitive wins: Rohan posts thought leadership on DLP evolution and AI security implications alongside selective announcements of competitive displacements at enterprise AI companies and top 10 banks. He noted role postings also drive engagement, signaling growth momentum. Leverage AI adoption mandates as your demand generation engine: Post-ChatGPT, Rohan noted "board mandate and CEO mandate from every company to use as much AI as you can" created new security requirements. Challenge category conventions through education, not assertion: Rather than simply claiming exact data match (EDM) is obsolete, Nightfall explains EDM emerged as a workaround for rules-based approaches' false positive problems—and ML eliminates the need for workarounds entirely.

In this episode of The Marketing Front Lines, we speak with Carole Winqwist, CMO of GitGuardian, a cybersecurity company specializing in secret detection and code vulnerabilities. Carole shares how her team approaches rapid response marketing during major security breaches, the evolution from traditional SEO to answer engine optimization (AEO), and how AI is fundamentally reshaping marketing team structures and capabilities. From navigating Reddit's strict moderation policies to leveraging AI for accelerated content production, Carole provides tactical insights on staying ahead in B2B cybersecurity marketing while building agile, technically-savvy teams.Topics Discussed:Rapid response marketing vs. newsjacking in cybersecurityTransitioning from SEO to answer engine optimization (AEO)Building technically-savvy marketing teams with engineering backgroundsNavigating Reddit as a content distribution channel for B2B companiesAI's impact on marketing team structure and content production velocityEnabling team innovation through experimentation and early adoptionStructuring content strategy for LLM indexing and discoveryLessons For B2B Tech Marketers:Execute Rapid Response, Not Newsjacking: GitGuardian only responds to security breaches within their core expertise (secret detection and code vulnerabilities). Rather than simply commenting, they conduct original research, analyze breach data, and provide best practices based on actual findings. This positions them as experts rather than opportunists and resonates with sophisticated security audiences who can spot ambulance chasing.Invest in Deep, Data-Rich Content for AEO Success: The shift from SEO to answer engine optimization rewards marketers who were already creating substantive content. Long-form articles with original research, data, and proof points perform well with LLMs because they demonstrate legitimate expertise. This "back to basics" approach means writing for intelligent systems rather than gaming algorithms with keyword repetition and link schemes.Build Marketing Teams with Technical DNA: GitGuardian includes team members with engineering and technical backgrounds who can quickly evaluate new tools and tactics with a testing mindset. Navigate Reddit Through Value, Not Promotion: Reddit's moderators are highly sensitive to commercial content, but original research and genuine insights can break through. The key is ensuring content provides real value independent of company affiliation. GitGuardian struggles with this balance—their vulnerability research is valuable but gets flagged because it lives on a company blog. Structure AI Adoption Around Velocity Gains, Not Headcount Reduction: GitGuardian didn't eliminate positions due to AI but rather increased output with the same or smaller teams. Their content strategist can now handle work that previously required multiple technical writers. One product marketing manager now serves a sales team double the size. Create "Divide and Conquer" Specialization Across Emerging Channels: Rather than having everyone monitor everything, GitGuardian assigns team members to focus on specific emerging areas—one person owns AEO, others focus on intent data, AI tools, etc. Enable Horizontal Skill Development Through AI Tools: AI is allowing marketers to become more transversal, handling end-to-end campaigns rather than narrow specializations. Someone without deep technical expertise can now produce technically accurate content by using AI as an assistant.Reward Experimentation Through Internal and External Visibility: GitGuardian's philosophy is to let team members test new approaches unless completely off-strategy. When experiments succeed, team members gain visibility internally and speaking opportunities at conferences. Use AI for Rapid Onboarding and Intern Productivity: New team members and interns become productive much faster when fed solid source content to work with through AI.

With over 30 years in wireless—from helping pioneer intercarrier SMS to running mobile identity operations across Americas and Asia Pacific — Eddie DeCurtis saw what others missed: 967 of 1,000 global mobile network operators lack the infrastructure to monetize CPNI data while protecting customers from fraud. The technical challenge isn't building APIs. It's that operators spent billions on 5G infrastructure and now lack capital, internal expertise, and operational frameworks to launch authentication services. In 18 months, Shush went from PowerPoint to 30 employees, supporting 47 network APIs with full GSMA Open Gateway compliance. Eddie shares how understanding regulatory frameworks by jurisdiction, not just deploying technology, became their competitive moat—and why hiring the executive who built T-Mobile USA's authentication platform gave them credibility no competitor could match.Topics Discussed:Why operators repeatedly said "we want to do it, we have no idea how, we have no money, we don't have a platform"Validating the thesis with former AT&T Communications CEO John Donovan before launchingSecuring a POC with a major operator pre-incorporation—with only a PowerPoint deckThe three-legged stool: technology, network integration, and business operations (where competitors fail)Why knowing privacy regulations for CPNI data sharing by country became a deal-closerReducing network integration from dozens of touchpoints to three specific network elementsSupporting 8 Linux Foundation Camara APIs and TS.43 GBA AKA authentication standardGoing from 3 to 30 employees and launching at Mobile World Congress on a $75/night Airbnb budgetGTM Lessons For B2B Founders:Validate with the person most likely to kill your idea: Eddie deliberately chose John Donovan—former CEO of AT&T Communications, board member at Lockheed and Palo Alto Networks—specifically because "he's going to be rough, he's going to totally ask the really hard questions." When Donovan's response was "go raise $40 million and own this space...you're not going to be alone for long," . Convert pre-product conviction into design partner commitments: Eddie secured a POC agreement with a major operator before Shush incorporated. "I had nothing. I didn't have software. We had an idea, we had a PowerPoint presentation." This only works when you've spent decades building domain expertise and relationships. The enterprise moat is operational knowledge, not technical capability: Eddie's thesis: "Anybody can come up with the technology. You walk down the street in the Bay Area, 10 developers will develop it for you." Shush differentiated by answering questions competitors couldn't: How do you price SIM swap detection per query? What are CPNI data sharing regulations in Indonesia versus Brazil? When Eddie told an operator "here's the privacy rules for your country" after they admitted "I have no idea,". Target the ambition-capability gap in capital-constrained buyers: Operators told Eddie the same story: eager to launch authentication services, zero clarity on execution, budgets decimated by 5G spending. This created perfect conditions for a full-stack solution. "Mid-market is hard because you have a buyer with problems that are not basic anymore, but they lack the ability to execute."Hire the operator who ran your exact use case at scale: Eddie cold-called John Morrowton, who "built this actual product and service offering at T-Mobile USA, from its inception to its execution and ran it for four years." His pitch: "I'm Eddie DeCurtis, how are you? You want a job? You're Chief Product Officer." Minimize integration surface area to accelerate deployment: Mobile operators run highly secure networks with limited external access points. Shush "narrowed it down to three network elements that we can communicate with to provide all 47 APIs." Fewer integration points means faster deployment, lower implementation risk, and reduced operator IT overhead.

StrongestLayer is building AI-native email security architecture designed for threats that defeat pattern-matching systems. The company pivoted from security awareness training after early customers discovered its phishing detection plugin caught advanced threats that legacy gateway solutions missed. In a recent episode of Category Visionaries, we sat down with Alan LeFort, CEO of StrongestLayer, to discuss why architectural generation matters more than vendor reputation in email security, and how they're using transparent proof-of-concept methodology to displace 20-year incumbents. Topics Discussed:Why AI-generated attacks with n=1 datasets break signature-based detection architecturesThe convergence of legitimate marketing automation and phishing techniques (lookalike domains, intent signals, AI-personalized messaging)How 2% of attack types represent 90% of breach value, forecast to reach 17% of volume by 2027Transparent POC strategy achieving 85% meeting-to-POC and 100% qualified-POC-to-technical-win conversionStage-based ICP selection: targeting 1,000-10,000 seats for sub-6-month sales cycles with enterprise compliance requirementsHarvard Kennedy School research: AI enables 88% employee profiling from public data, 95% cost reduction for targeted campaigns, and 60% click rates versus 12% baseline GTM Lessons For B2B Founders:Deploy transparent POCs as category displacement weapons: When attacking entrenched incumbents, StrongestLayer runs one-week POCs behind existing email security gateways with zero commercial pressure—just visibility into what's being missed. At a sub-1,000-seat company running behind a top-three market leader, they surfaced 80 advanced threats in one week. This approach converts 85% of first meetings to POC and 100% of qualified POCs to technical wins. Stage-match your ICP to burn rate tolerance, not TAM: Alan deliberately excludes Fortune 500 despite universal email security need: "When their procurement team is bigger than your whole company, not a good scene." Instead, they target 1,000-10,000 seats—enterprises with SOC2/compliance obligations but without Fortune 500 security budgets or staffing. These accounts close in under 6 months. The framework: Define ICP by sales cycle length your runway can sustain, then expand segments as capital position improves. Trade IP opacity for velocity when architectural advantage compounds: Unlike security vendors protecting methodology behind NDAs, StrongestLayer publishes full product demos on YouTube and shares detection logic openly. Alan's thesis: "I'm going all in on velocity. I'm going to transparently share, get it in front of as many customers as we can." This works because their advantage is continuous AI model improvement velocity, not a static algorithm competitors could copy. If your moat is execution speed and iteration cycles rather than a single proprietary technique, transparency accelerates trust-building and shortens enterprise consideration periods.Quantify the shift from volume metrics to value-at-risk metrics: Rather than competing on total threat detection volume, StrongestLayer focuses on the 2% of attack types (BEC, advanced spear phishing) that represent 90% of breach value—and are growing to 17% of attack volume by 2027. They weaponize third-party research (Harvard Kennedy School) showing AI reduces targeted attack costs by 95% while increasing success rates from 12% to 60%. Bifurcate messaging by operational reality, not just title: Alan messages CISOs around risk buying-down and ROI, positioning email security as a solved problem that's becoming unsolved. For security operations teams, the pitch centers on eliminating 70% false-positive user submissions that waste skilled analyst time. Both personas use the same tools, but CISOs face board-level breach risk while SOC teams face daily toil from alert fatigue.

Tony Scott brings an unparalleled perspective to cybersecurity leadership, having served as CIO of the federal government, VMware, Microsoft, General Motors, and Disney before taking the helm at Intrusion during a critical turnaround phase. When Scott joined Intrusion three and a half years ago, the company was in crisis—running out of money, facing SEC investigations, and dealing with shareholder lawsuits after poor leadership decisions. Today, Intrusion has stabilized its technology, raised sufficient capital, and carved out a unique position in the Applied Threat Intelligence category, focusing on real-time packet-level network analysis that stops zero-day attacks and command-and-control communications that bypass traditional security tools.Topics Discussed:Scott's transition from government service to cybersecurity investment and eventual CEO roleThe crisis state of Intrusion when he joined and the turnaround strategy implementedIntrusion's pivot from direct sales to a managed service provider (MSP) go-to-market strategyThe challenge of creating a new category in Applied Threat IntelligenceBuilding and rightsizing the marketing and sales teams during the turnaroundThe realities of running a public company versus private enterprisesIntrusion's unique packet-level network analysis technology versus conversation-based monitoringGTM Lessons For B2B Founders:Do your homework before the meeting: Scott's biggest frustration as a buyer was vendors who showed up unprepared, asking generic questions like "what keeps you up at night?" without understanding the organization or its priorities. He literally had a secret signal with his assistant to escape these meetings. B2B founders must research prospects thoroughly, understand their specific challenges, and craft relevant value propositions before requesting meetings. Generic discovery calls are a waste of everyone's time and destroy credibility.Fix the product before scaling sales: The previous CEO at Intrusion hired dozens of salespeople to sell a product that wasn't ready, resulting in zero sales during his tenure. Scott prioritized fixing scalability, reliability, and feature gaps before rebuilding the go-to-market engine. B2B founders often face pressure to hire sales teams early, but selling a broken product destroys market credibility and wastes resources. Product-market fit must precede sales-market fit.Find the right distribution channel for your product: Intrusion's breakthrough came when they stopped trying to sell directly to end customers and focused on managed service providers and managed service security providers. This channel strategy worked because Intrusion's solution enhances existing security stacks rather than replacing them, making it perfect for MSPs serving SMBs that can't afford enterprise-level security expertise. B2B founders should carefully analyze whether their solution is better suited for direct sales, channel partnerships, or hybrid approaches based on customer buying behavior and implementation complexity.Embrace being in a category of one: Despite pressure from analysts and customers to fit into existing categories, Intrusion discovered they occupy a unique position in Applied Threat Intelligence. While this creates messaging challenges, it also eliminates direct competition. Scott worked with Gartner and other analysts to establish that no other company does exactly what Intrusion does. Leverage legal training for crisis management: Scott's law school background taught him to analyze situations from a 360-degree perspective, understand all stakeholder positions, and develop comprehensive strategies. This skill set proved invaluable during Intrusion's turnaround and his previous crisis management roles. B2B founders facing difficult situations should adopt this approach: clearly define the problem, gather multiple perspectives, identify all stakeholders, and develop a theory of the case for moving forward.

Staris AI is pioneering a new approach to application security, moving beyond traditional vulnerability scanning to create what they call "total context security." With $5.7 million in funding, the company is building an AI-powered platform that doesn't just find security issues but provides complete context about business risk and automated fixes. In this episode of Category Visionaries, I sat down with Adam Cecchetti, CEO and Co-Founder of Staris AI, to learn about his transition from bootstrap founder to venture-backed CEO and his vision for creating an immune system for applications on the internet.Topics Discussed:The evolution from bootstrap companies to venture-backed scalingHow 200+ customer discovery conversations shaped Staris AI's product directionCreating the "total context security" category in a crowded application security marketThe impact of AI on both security threats and solutionsBuilding founder-led sales processes before transitioning to broader marketingLong-term vision of creating an immune system for internet applicationsGTM Lessons For B2B Founders:Conduct extensive customer discovery before building: Adam and his co-founder talked to over 200 CISOs, CTOs, and CIOs before finalizing their product direction. The key insight: "People do not need more to do. They do not need more work, they do not need more bugs. They don't need bugs cheaper or better or faster. They really need this problem to start shrinking." This extensive research revealed that the market didn't need another tool to find vulnerabilities—they needed solutions that actually reduced their security workload.Define what you don't do to clarify positioning: Adam shared a powerful insight from his previous company: "I sold more work telling people what I didn't do versus what we did do." In crowded markets like security, clearly articulating what you don't do helps prospects understand your unique value proposition. For Staris AI, being explicit about not being "an ASPM" or other specific security categories helps differentiate their total context approach.Leverage founder networks for initial traction: Rather than launching broad marketing campaigns, Adam is using his 25 years of industry relationships for initial customer acquisition. "We're going back to a lot of our people we had talked to initially when we started the company, as well as some old customers and colleagues and friends to be able to say, hey, let's do some proof of concepts." This approach allows for rapid iteration and product refinement based on trusted customer feedback.Create category names that are immediately understandable: While evaluating options like "next gen pen testing" and "AI security co-pilots," Adam chose "total context security" because it clearly communicates value. The name immediately conveys what the solution does—providing complete context at every step of the security process. In technical markets, clarity often beats cleverness in category naming.Time market expansion carefully: Despite having funding and proven traction, Adam is deliberately waiting until Q4 to ramp marketing efforts. "We've been really laser-like focused on building a great product, getting a good story for our customers, understanding what truly provides them value before we kind of went out and mass broadcasted that message." This disciplined approach ensures product-market fit before scaling go-to-market efforts.

Welcome to another episode of Category Visionaries — the show that explores GTM stories from tech's most innovative B2B founders. In today's episode, we're speaking with Itzik Alvas, CEO & Co-Founder of Entro Security, a non-human identity management platform that has raised $24 Million in funding.Here are the most interesting points from our conversation:Military Experience Taught Perseverance: Itzik credits his time in the Israeli Defense Force, specifically in the cyber intelligence unit, for shaping his approach to perseverance. This has been crucial in overcoming challenges as an entrepreneur.Non-Human Identity Management Innovation: After multiple cybersecurity breaches in his previous roles, Itzik identified a massive gap in managing non-human identities and secrets. This personal experience directly led to the creation of Entro Security.Early Days Post-Seed Raise: The first few months after securing seed funding were highly operational—setting up offices, building the team, and finding early design partners to provide feedback on their solution.Creating a New Market Category: Entro Security is pioneering the non-human identity management space, addressing the growing issue of programmatic credentials that are often mishandled by DevOps teams, posing significant security risks.Unique, Memorable Branding: Unlike traditional cybersecurity companies, Entro’s branding is youthful, fun, and memorable, a conscious choice to stand out in an industry that often feels sterile and overly serious.Go-To-Market Approach: Entro’s sales efforts are focused on direct sales and channel partnerships, with a primary focus on the US market. Itzik emphasizes the importance of aligning go-to-market strategies with event participation based on specific goals like lead generation or brand awareness. // Sponsors:Front Lines — We help B2B tech companies launch, manage, and grow podcasts that drive demand, awareness, and thought leadership.www.FrontLines.ioThe Global Talent Co. — We help tech startups find, vet, hire, pay, and retain amazing marketing talent that costs 50-70% less than the US & Europe. www.GlobalTalent.co

Welcome to another episode of Category Visionaries — the show that explores GTM stories from tech's most innovative B2B founders. In today's episode, we're speaking with Mykolas Rambus, CEO & Co-Founder of Hush, a cybersecurity company that's raised $7.5 Million in funding.Here are the most interesting points from our conversation:Navigating the .com Bubble: Mykolas shared how his first company, Lobby7, navigated the .com bubble burst by pivoting business models and ultimately selling in 2003.Building Wealthex: Wealthex emerged from the 2008 financial crisis, providing a Bloomberg-like platform for private bankers using public internet data, leading to a successful exit.The Birth of Hush: Hush was founded to address data privacy, focusing on removing personal information from the internet to prevent cyberattacks on employees.Tackling Cybersecurity Threats: Mykolas discussed the rise of AI-driven cyber threats and how Hush proactively mitigates risks by eliminating accessible personal data.Effective Marketing in Cybersecurity: Hush's marketing strategy revolves around building trust through referrals and email campaigns to ensure companies are aware of the service when they need it.Vision for Privacy: Mykolas envisions a future where 20% of the American workforce is protected by services like Hush, significantly reducing cybersecurity risks and enhancing data privacy.//Sponsors:Front Lines — We help B2B tech companies launch, manage, and grow podcasts that drive demand, awareness, and thought leadership.www.FrontLines.ioThe Global Talent Co. — We help tech startups find, vet, hire, pay, and retain amazing marketing talent that costs 50-70% less than the US & Europe.www.GlobalTalent.co

Welcome to another episode of Category Visionaries — the show that explores GTM stories from tech's most innovative B2B founders. In today's episode, we're speaking with Umaimah Khan, CEO & Co-Founder at Opal Security, a data-centric identity security platform that has raised $32 Million in funding. Here are the most interesting points from our conversation:Background and Start: Umaimah initially aimed to be a math professor before transitioning to cryptography and ultimately catching the startup bug. Her experience at various startups, especially with scaling security and compliance systems, directly influenced her founding of Opal Security.Early Days of Opal Security: The first three months of Opal Security involved intense research and discussions to shape the product’s architecture, deeply influenced by Umaimah’s background in cryptography and her prior startup experiences.Unique Challenges of Identity Security: Umaimah views identity security as one of the last great enterprise frontiers, difficult to solve due to constant technological evolutions that outpace the ability of security protocols to adapt.Marketing Philosophy: Opal Security aims to cut through typical marketing noise by directly demonstrating the tangible value of their products to customers, contrasting with the complex and often opaque marketing strategies prevalent in the security sector.Approach to Scaling Adoption: Umaimah emphasizes the importance of user-friendly product design even in complex enterprise environments, drawing parallels to Slack’s transformation of IRC into a tool accessible beyond engineering teams.Vision for the Future: Looking ahead, Umaimah sees Opal Security playing a critical role in shaping the future of access and authorization as technological landscapes and regulatory environments evolve, potentially impacting how identity security is approached globally.// Sponsors:Front Lines — We help B2B tech companies launch, manage, and grow podcasts that drive demand, awareness, and thought leadership.www.FrontLines.ioThe Global Talent Co. — We help tech startups find, vet, hire, pay, and retain amazing marketing talent that costs 50-70% less than the US & Europe. www.GlobalTalent.co

Welcome to another episode of Category Visionaries — the show that explores GTM stories from tech's most innovative B2B founders. In today's episode, we're speaking with Ori Eisen, CEO & Founder of Trusona, an account takeover prevention platform that has raised $38 Million in funding.Here are the most interesting points from our conversation:Persistence Pays Off: Ori's relentless pursuit of Frank Abagnale for mentorship and his insistence on John Doerr's presence at a crucial pitch meeting exemplify his "never take no for an answer" attitude.Creative Marketing Strategies: Ori emphasizes the importance of standing out in the crowded cybersecurity market by using unconventional and memorable marketing tactics.First-Party Data Focus: Trusona's strength lies in using first-party data to verify user identities, which Ori believes is crucial in the age of AI-driven fraud.Real Vacation Culture: Ori advocates for founders to take real vacations to recharge and avoid burnout, providing a detailed process for effectively disconnecting from work.Security Through Innovation: Ori's development of computer fingerprinting and other technologies showcases his innovative approach to solving complex security problems.Challenging Conventional Wisdom: Ori often goes against traditional Silicon Valley advice, focusing instead on what he believes will truly benefit his company and its mission. // Sponsors:Front Lines — We help B2B tech companies launch, manage, and grow podcasts that drive demand, awareness, and thought leadership.www.FrontLines.ioThe Global Talent Co. — We help tech startups find, vet, hire, pay, and retain amazing marketing talent that costs 50-70% less than the US & Europe. www.GlobalTalent.co

Welcome to another episode of Category Visionaries — the show that explores GTM stories from tech's most innovative B2B founders. In today's episode, we're speaking with Nadav Arbel, CEO & Co-Founder of Cyrebro, an ML-backed MDR platform that has raised $51 Million in funding.Here are the most interesting points from our conversationVision for Cyrebro: Nadav discusses how Cyrebro is transforming the cybersecurity landscape with a unique, cloud-based approach to Managed Detection and Response (MDR), integrating AI and machine learning to provide comprehensive threat detection.The Journey to $51M Funding: He shares insights into Cyrebro's fundraising journey, emphasizing the importance of strategic alignment with investors who understand and support their long-term vision.Importance of AI in Cybersecurity: Nadav explains how the use of AI and machine learning is critical in staying ahead of evolving cyber threats, making their platform not just reactive but predictive.Building a Category: He talks about the challenges and strategies involved in creating a new category within the crowded cybersecurity market, focusing on differentiation and market education.GTM Strategy: Nadav outlines Cyrebro’s go-to-market strategy, including their focus on partnerships and integrations to scale rapidly and effectively in a competitive environment.Customer-Centric Approach: He highlights the importance of understanding customer pain points and building solutions that directly address those needs, which has been central to Cyrebro's success. // Sponsors:Front Lines — We help B2B tech companies launch, manage, and grow podcasts that drive demand, awareness, and thought leadership.www.FrontLines.ioThe Global Talent Co. — We help tech startups find, vet, hire, pay, and retain amazing marketing talent that costs 50-70% less than the US & Europe. www.GlobalTalent.co

Welcome to another episode of Category Visionaries — the show that explores GTM stories from tech's most innovative B2B founders. In today's episode, we're speaking with Neil Serebryany, CEO & Co-Founder of Calypso AI, an AI security platform that has raised over $38 Million in funding. Here are the most interesting points from our conversation:Origins in Intelligence and AI: Neil's experience in the US intelligence community revealed the vast potential of AI for data analysis and the significant security vulnerabilities that accompany AI's rise, inspiring the foundation of Calypso AI.Early Challenges and Learning: The initial days of Calypso AI involved identifying and addressing the myriad vulnerabilities in AI systems, underscoring the nascent state of AI security and the company's role in shaping the field.Market Education and Awareness: In the early stages, there was a significant challenge in convincing stakeholders of the imminent need for AI security solutions before the widespread acknowledgment of AI vulnerabilities.Government as the First Customer: Having the government as an early customer provided substantial initial revenue and R&D collaboration opportunities but necessitated balancing government-specific solutions with broader enterprise needs.Building Trust and Credibility: Calypso AI leveraged its government partnership as a credibility stamp in the enterprise domain, emphasizing the importance of showing tangible product value to build trust.Navigating the Post-ChatGPT Landscape: The advent of generative AI and foundation models has significantly shifted the company's focus and messaging, aligning with the evolving AI risk landscape and enterprise needs for simplified, secure AI deployment.

Welcome to another episode of Category Visionaries — the show that explores GTM stories from tech's most innovative B2B founders. In today's episode, we're speaking with Ian Amit, CEO & Founder at Gomboc, a cloud security remediation platform that has raised over $5 Million in funding.Here are the most interesting points from our conversation:Origins of Gomboc Name: Ian shared the geeky and meaningful origin of the company name, Gomboc, inspired by a monostatic shape devised by a Hungarian mathematician, symbolizing the company's mission to self-right security issues automatically.Leadership Lessons from IDF: Despite not following the typical cybersecurity pathway through the IDF’s elite units, Ian's military service profoundly shaped his leadership style, emphasizing quick decision-making and handling responsibility across diverse teams.Career Evolution: Ian's career journey from a hacker tinkering with computers to various roles in cybersecurity, including red teaming and leading security research, culminating as a CISO at major corporations, provides a rich backdrop to his startup's mission.Transition to Entrepreneurship: Ian discussed his transition from security executive roles to founding Gomboc, driven by his desire to address systemic issues in cloud security he encountered firsthand, emphasizing the need for effective remediation over mere detection.Gomboc’s Solution to Cloud Security: The platform focuses on automating the remediation of security misconfigurations in cloud environments, providing code-level solutions that integrate seamlessly with existing DevOps workflows, significantly reducing the manual labor typically involved in securing cloud deployments.Market Education and Category Creation: Ian highlighted the challenge and importance of educating the market about the need for automated security remediation solutions in cloud computing, which is not yet widely recognized as a distinct category by analysts but is critical for reducing widespread vulnerabilities.

Welcome to another episode of Category Visionaries — the show that explores GTM stories from tech's most innovative B2B founders. In today's episode, we're speaking with Matteo Bogana, CEO & Co-Founder at Cleafy, an online fraud prevention platform that has raised $12 Million in funding.Here are the most interesting points from our conversation:Origins of Cleafy: Matteo was inspired to start Cleafy after being told that solving certain cybersecurity problems was scientifically impossible. Their breakthrough in real-time content verification on web pages sparked the company's inception.Early Challenges: The initial years for Cleafy were tough due to the premature market for their technology. Matteo and his team struggled to gain the first customer, working hard to create market conditions favorable for their product.Customer Traction: Gaining the trust of early customers was difficult, especially as a new entity competing against established companies. Building credibility took significant effort through meetings and consensus building.Customer Base Evolution: Today, Cleafy targets mid to large financial institutions with structured fraud management teams, indicating a shift from startups to more established entities.Differing Approaches to Startups and Corporates: The messaging for startups, particularly fintechs, differs as they typically understand and value integrated cybersecurity and fraud management solutions more quickly than traditional banks.Marketing Philosophy: Cleafy’s marketing strategy involves creating trust through knowledge sharing, leveraging their Clifi Labs to provide insights and threat intelligence directly to potential customers and at high-profile security events.

Welcome to another episode of Category Visionaries — the show that explores GTM stories from tech's most innovative B2B founders. In today's episode, we're speaking with Edward Wu, CEO & Founder of Dropzone AI, a next-generation cybersecurity platform that has raised over $20 Million in funding.Here are the most interesting points from our conversation:AI-Powered Security Analysts: Dropzone AI is leveraging advancements in generative AI to replicate the decision-making processes of human cybersecurity analysts, enhancing the speed and accuracy of threat detection and response.Addressing the Talent Gap: Edward highlighted the significant talent shortage in cybersecurity, with a global deficit of 4 million professionals. Dropzone AI's technology aims to mitigate this by automating routine security tasks, freeing human analysts to focus on more complex and critical threats.Early Challenges and Opportunities: Starting in February 2023, Edward's prior experience in cybersecurity allowed him to identify the inefficiencies in security operations centers (SOCs) and inspired him to develop a solution that reduces the burden of voluminous security alerts on analysts.Customer Acquisition Strategy: Dropzone AI's approach to landing their first paying customers involved identifying early adopters within the cybersecurity community who shared a vision for the potential of AI-driven security.Marketing and Messaging: Without a formal background in marketing, Edward developed an effective communication strategy by immersing himself in industry expos and trade shows, learning to craft messages that accurately convey the capabilities and benefits of Dropzone AI's technology.Transparent and Accessible Product Demos: In an industry often shrouded in secrecy, Dropzone AI stands out by offering ungated, interactive demos on their website, fostering transparency and building trust with potential customers by allowing them to experience the technology firsthand.

Welcome to another episode of Category Visionaries — the show that explores GTM stories from the tech's most innovative B2B founders. In today's episode, we're speaking with David Etue, CEO of Nisos, a managed intelligence platform that has raised $33 Million in funding. Nisos operates at the intersection of cybersecurity and intelligence services, focusing on providing actionable insights to corporate security, cybersecurity, and trust and safety teams. Here are the most interesting points from our conversation:Nisos's Unique Positioning: As a managed intelligence company, Nisos distinguishes itself by converting data into actionable intelligence, addressing the gap in a market saturated with data but lacking in actionable insights.The Importance of Focus: Reflecting on Nisos's journey, David emphasizes the critical nature of focus in startup success, advocating for a more concentrated approach to product and market strategy from the outset.Vision for the Future: David outlines ambitious plans for Nisos, including scaling the company, expanding internationally, forging strategic partnerships, and potentially exploring acquisitions to broaden their service offerings.

Welcome to another episode of Category Visionaries — the show that explores GTM stories from tech's most innovative B2B founders. In today's episode, we're speaking with Arie Zilberstein, CEO and Co-Founder of Gem Security, a cloud detection and response platform that has raised $34 Million in funding.Here are the most interesting points from our conversation:Facing Skepticism and Pursuing Vision: Despite encountering skepticism at the outset, Arie and his team remained committed to their vision for Gem Security, leveraging their extensive cybersecurity experience to validate and pursue their innovative cloud security solution.Identifying a Market Gap: Arie's prior roles in incident response revealed significant challenges in cloud-native breach detection and response, inspiring the foundation of Gem Security to address these critical gaps in the market.Strategic Relationship Building: Gem Security's credibility and market presence were significantly enhanced through strategic relationships and endorsements from cybersecurity leaders, illustrating the importance of trusted networks in startup growth.Early Customer Engagement and Validation: The transition from design partners to paying customers highlighted the importance of early and active engagement with potential users to refine and validate the product offering, ensuring it met real market needs.Focus on Team Building: The initial stages of Gem Security emphasized assembling a strong foundational team, underscoring the crucial role of talent acquisition and team cohesion in the early success of a startup.Vision for Scaling and Future Growth: Looking forward to 2024, Arie focuses on scaling Gem Security's go-to-market strategy and enhancing the sales team to broaden the company's reach and impact, aiming to revolutionize security operations in the cloud era.

Welcome to another episode of Category Visionaries — the show that explores GTM stories from tech's most innovative B2B founders. In today's episode, we're speaking with Marina Segal, CEO & Co-Founder of Tamnoon, a cutting-edge cloud security platform that has successfully raised over $5 Million in funding.Here are the most interesting points from our conversation:Early Experiences Shape Future Paths: Marina's initial years in Israel and service in the IDF taught her vital lessons in adaptability, language, and equality. Despite her niche role within the IDF, it laid the groundwork for her passion in compliance and frameworks, influencing her career trajectory.Cultural Adjustments and Learning Curves: Moving to the US, Marina faced the challenge of adapting to a new work culture, learning the subtleties of communication and professional interaction. This experience sharpened her interpersonal skills and played a crucial role in her decision to dive into the startup ecosystem, drawing her closer to the Israeli community.Driven by Process Optimization: Marina's journey into cloud security was motivated by her desire to automate and optimize compliance assessments and risk management processes. Her work at Deloitte and the transition to a tech startup stemmed from her passion for reducing manual workload through innovative solutions.Finding Inspiration in Leadership: Marina credits her grandmother and a mentor from Deloitte as significant inspirations in her life. Their leadership styles, emphasizing humility, approachability, and the ability to manage stress while fostering a sense of equality and peer respect, greatly influenced her approach to leadership and problem-solving.Tamnoon's Unique Value Proposition: Tamnoon aims to bridge the gap between cloud security detection and effective remediation. By focusing on the next step beyond just identifying security issues, Tamnoon seeks to offer scalable solutions for remediation and prevention, addressing a critical need in the cloud security space.The Significance of Team Building: The co-founding journey of Tamnoon underlines the importance of partnership and team dynamics. Marina's previous collaboration with her co-founder at another startup highlighted the value of shared principles, conflict resolution, and the ability to work towards common goals.

Welcome to another episode of Category Visionaries — the show that explores GTM stories from tech's most innovative B2B founders. In today's episode, we're speaking with Paul Valente, CEO & Co-Founder of Viso Trust, a third-party risk management platform that's raised $17 Million in funding.Here are the most interesting points from our conversation:Evolution of Security: Paul highlighted how digital transformation has drastically increased reliance on third-party services, making third-party risk management a critical focus.Background and Vision: Drawing from his extensive experience as a CISO, Paul discussed the challenges he faced and how they led to the creation of Viso Trust.AI Integration: Viso Trust leverages AI to automate third-party cyber risk management, reducing the workload by 90% and significantly speeding up the assessment process.Customer Adoption: With over 35 large enterprise customers and a network of 2.5 million companies, Viso Trust is rapidly scaling and has enabled the assessment of tens of thousands of third parties.Empathy with CISOs: Paul's background as a CISO provides him with unique insights into the needs and pain points of security leaders, shaping Viso Trust's approach to customer engagement.Go-to-Market Strategy: Viso Trust employs a mix of direct sales, thought leadership, and product-enabled sales, focusing on reducing friction and providing value to both assessors and vendors.// Sponsors:Front Lines — We help B2B tech companies launch, manage, and grow podcasts that drive demand, awareness, and thought leadership.www.FrontLines.ioThe Global Talent Co. — We help tech startups find, vet, hire, pay, and retain amazing marketing talent that costs 50-70% less than the US & Europe. www.GlobalTalent.co

Welcome to another episode of Category Visionaries — the show that explores GTM stories from tech's most innovative B2B founders. In today's episode, we're speaking with Tiffany Ricks, CEO & Founder of HacWare, a security awareness platform that's raised $2.6 Million in funding.Here are the most interesting points from our conversation:Transition to Product: Tiffany transitioned from running a consultancy to building HacWare after identifying phishing as a recurring vulnerability in her clients’ businesses.Phishing Impact: Phishing attacks lead to significant breaches, with 3.4 billion phishing emails sent daily and 71% of small businesses experiencing phishing attacks that lead to ransomware.Automated Solution: HacWare automates phishing simulations and security awareness training using AI, significantly reducing the labor hours required from 40 hours a week to just 1 hour a month.Educated Buyers: Small and mid-market businesses are becoming more knowledgeable about cybersecurity needs, understanding the importance of solutions like VPNs, password managers, and security awareness training.Continuous Improvement: HacWare releases software updates weekly, maintaining focus on customer pain points and continuously enhancing their platform’s capabilities.Future Vision: In five years, HacWare aims to provide comprehensive human risk assessments across various digital platforms, similar to credit scores, to identify and mitigate potential security risks.// Sponsors:Front Lines — We help B2B tech companies launch, manage, and grow podcasts that drive demand, awareness, and thought leadership.www.FrontLines.ioThe Global Talent Co. — We help tech startups find, vet, hire, pay, and retain amazing marketing talent that costs 50-70% less than the US & Europe. www.GlobalTalent.co

In today's episode of Category Visionaries, we speak with Jason Martin, Co-Counder and Co-CEO of Permiso Security, a cloud identity detection response platform that's raised $10 Million in funding, about the importance of knowing exactly who (or what) is trying to breach your security barrier, and building the right kind of response in real-time. With instant identity-to-event attribution, Permiso helps their clients understand the nature of the security threats they face, and make the right decisions about how to respond, both in the moment and for the future.We also speak about Jason’s quarter-century career in cybersecurity, playing both offensive and defensive roles, the Permiso mission statement of ‘trying to find evil’ in the public cloud, the diversity of threats and aggressors facing a firm’s cybersecurity infrastructure, how Permiso differentiate themselves in the ‘threat detection’ space, and why the security of any company ultimately lies in its people and the processes they adhere to. Topics Discussed:Jason’s extensive career in cybersecurity, playing roles in both the defensive and offensive software spaceWhy the modern cloud-based economy is facing a more diverse range of threats than ever before‘Finding evil’ as a clear, concise mission statement for Permiso to make their mark on the marketBuilding a fun, engaging website as a vital touchpoint for potential customersDifferentiation in a crowded market space, and how Permiso stand apart from the general ‘threat detection’  solutionsWhy hygiene, process, and ultimately people are the ultimate security solution for any company Favorite book: Thank You for Being Late: An Optimist's Guide to Thriving in the Age of Accelerations

In today's episode of Category Visionaries, we speak with Mollie Breen, CEO and Co-Founder of Perygee, an IoT/OT security platform that's raised $6.4 Million in funding, about why so many security teams often find themselves making critical decisions about their IoT and OT device security using imperfect information, and the vulnerabilities that can ultimately cause for companies. With an innovative solution unifying reams of scattered, unstructured data into a single space compounded by custom workflows to supercharge productivity, Perygee is putting the power of decisions back in the hands of those who need it most.We also speak about Molly’s background at the NSA and what it taught her about the vulnerabilities of IoT and operational technology devices, how that insight eventually led to her founding Perygee, and why they made a conscious decision not to follow the trend of selling based on fear.Topics Discussed:Molly’s background as a mathematician working at the NSA, and how the experience exposed her to the vulnerabilities of IoT devicesThe risks posed by networked devices like security cameras, HVAC systems, and access controls, and why they need to be addressedPerygee’s solution deploying contextual information about device operation, assisting in identifying and remediating key vulnerabilitiesHow engaging with CISOs involved directly in security operations helped Perygee establish credibility and trust in their marketThe Perygee marketing approach, eschewing dark colors and the established model of selling ‘based on fear’

In today's episode of Category Visionaries, we speak with Scott McCrady, CEO of SolCyber, a modern MSSP that's raised $20 Million in funding.Topics Discussed:Scott’s background as a security engineer and what led him to found SolCyber as a solution to what he saw as existing shortcomingsWhy comprehensive monthly security packages are so appealing for many mid-sized security-conscious companiesBalancing positivity and caution in Scott’s approach to business, and how ‘duality’ shapes his worldviewHow Scott sees SolCyber’s evolution in retrospect, and the things he might have done differentlyThe future of outsourced security programs and why Scott thinks they’ll soon dominate the industry Favorite book: The Power of Positive ThinkingOnly the Paranoid Survive: How to Exploit the Crisis Points That Challenge Every Company

In today's episode of Category Visionaries, we speak with David Brumley, CEO of Mayhem, an automated security testing platform that’s raised over $38 Million in funding, about how a hacker mindset in defensive security can turn the tables on aggressors, and give your cyberdefense the edge in the endless technology arms race. By deploying automated systems to construct a comprehensive map of an enterprise’s existing security landscape, built on an off-the-shelf code, Mayhem identifies exactly where action should be taken to tighten up any potential cracks in your defenses before a disastrous incursion ever occurs.We also spoke about David’s colorful life before transitioning to a career in the tech startup space, what it was like setting out to disrupt Silicon Valley in the 1990s and how things have changed since then, and why hostility in public discourse is just par for the course when you challenge established industry dogma. Without paying too much attention to the category creation complex, David sees Mayhem as forging its own niche based exclusively on the efficacy of its software solutions.Topics Discussed:How David decided to change his life, and how one crazy night led him to the world of technology solutionsHow Silicon Valley got its start in the University sphere, and how things have changed since the years of classified ads to become billion dollar investment opportunitiesWhy disrupting industry dogma inevitably brings public backlash, and how David manages to move beyond it by focusing on solutionsWhy the hard part of building a business isn’t having a vision, but holding onto your vision when things don’t go your wayHow recognising the utility of research is the only way to really move an industry forward with cutting-edge technologyWhy Mayhem started with enterprise-led sales, but found new opportunities by developing PLG channels to build adoption from the ground up Favorite book: The Hard Thing About Hard Things: Building a Business When There Are No Easy Answers

In today's episode of Category Visionaries, we speak with Justin Beals, CEO and Co-founder of Strike Graph, about why security certification in a digital economy plagued with breaches can be the difference between success and failure for businesses seeking all-important funding. With Strike Graph, Justin and his team have developed an automated platform to monitor, map and manage their clients’ security systems and deliver a gold-standard attestation of quality that potential partners will immediately recognize and feel comfortable putting their trust (and money) in, all without the lengthy, costly process of an outside consultant.We also speak about Justin’s transition from a more technical background to the role of founder, why being alone at the top can sometimes be the toughest position of all, the personal experience which drove home the importance of security certification, and why Strike Graph insists they can’t run a firm’s security system on their behalf.Topics Discussed:How a technical background in engineering and product development prepared Justin for the founder’s position that would followThe supplementary skills a founder transitioning from tech should seek out in their potential partner, and why they might not want to be the sole founder in the first placeThe central significance of security certification in the digital services economy, and how it can hamstring an enterprise before it’s even up and runningHow Strike Graph’s security software let’s a firm monitor, map, and manage their security system, bringing it up to a Soc ii standardHow Strike Graph largely eliminates the need for external consultants, saving their customers both time and moneyWhy Strike Graph draws the line at actually running their clients’ security systems, and how they expect their advice and insights to be implemented Favorite book: How to Start a Record Label

In today’s episode of Category Visionaries, we speak with John Milburn, CEO of Clear Skye, about his decades of experience in the enterprise software space, and why he found himself drawn back to security solutions with Clear Skye. Having identified shortcomings in the traditional approach to cybersecurity, focusing almost exclusively on the technology instead of the people and processes involved in making it work effectively, John is determined to make us rethink what cybersecurity means and do something genuinely different in an established market space.Clear Skye is an identity governance and security solution built natively on ServiceNow that optimizes enterprise identity and risk management with a platform-first approach. The company provides workflow management, access requests, access review, and identity lifecycle management tools to a broad set of vertical markets. By leveraging an existing business platform, Clear Skye enables customers to reduce friction and IT hurdles, while improving workflows and user experience.Topics Discussed:Why John respects grind and hard work over talent and intelligenceBasic security hygiene and how so many companies get the fundamental aspects of security wrongIdentity and access governance as an established market category, and how Clear Skye is leading a transformation in the spaceThe enterprise technology sector’s problem with new solutions, and why focusing exclusively on technology misses critical components of security implementationWhy enterprise sales are the Clear Skye strategy for now, but PLG is coming soon as an important option for scaling brand impactPushing a new market category and why being first in the space can be a blessingThe challenge of transforming traditional budget owners, and pushing them towards truly innovative solutions Favorite book: Infinite Jest

In today's episode of Category Visionaries, we speak with Stijn Vande Casteele, founder of Sweepatic, an external attack surface management company that’s raised $4.4 million in funding, about why an effective cybersecurity strategy depends on getting the right information to the people who need to make decisions, and how Sweepatic makes that happen in real time. Market leaders in threat discovery, Sweepatic’s name comes from the focus on continuously mapping, analyzing and monitoring all  internet facing assets or ‘sweeping,’ to provide their clients with critical information via a seamless interface.We also speak about the challenges of getting a startup off the ground in Europe versus some other cybersecurity hubs, Stijn’s experience across an entire industry which inspired him to start Sweepatic, the appeal of cloud-based services for contemporary customers, and why Sweepatic’s approach might have found perfect market fit. Topics Discussed:Stijn’s career in cybersecurity, and the lessons that led him to found SweepaticWhy discovery is probably the most important component of any cybersecurity infrastructureThe different challenges facing cybersecurity startups in Europe compared to the US or IsraelHow a seamless, cloud-based solution has helped Sweepatic attract more customersWhy keeping customers close and really focusing on their feedback has been critical to Sweepatic’s successThe future of cybersecurity: more information, more visibility, more control

In today's episode of Category Visionaries, we speak with Peter Prizio Jr, CEO of SnapAttack, a threat management platform that's raised $8 Million in funding. SnapAttack is the Enterprise-Grade & MSSP Platform that helps security leaders answer their most pressing question: “Are we protected?” By rolling intel, adversary emulation, detection engineering, threat hunting, and purple teaming into a single, easy-to-use product with a no-code interface, SnapAttack unlocks the potential of your security operations. Prior to SnapAttack, Peter developed complex defense weapons systems and citizen services for Government clients, ultimately finding a home in cybersecurity startups spanning from Third Party Risk and Cyber Threat Intelligence. He is passionate about collaboration and information sharing across organizations, industries, and public sectors as a backbone for proactive security.We speak about why the scale and sophistication of cybersecurity threats means that constant innovation is an industry essential. By capturing detailed information about cyberattacks and handing it over to the defender, their mission is to help clients hunt for hackers and respond more effectively.We also speak about Peter’s background as an Electrical Engineer and his fascination with finding out how things work, how SnapAttack spun out from RnD at Booz Allen Hamilton, the challenge of finding the hacker hunters to deal with contemporary security concerns, and why government clients might be hard to crack at first, but the networking rewards make them worth it in the end.Topics Discussed:Peter’s background as an electrical engineer, and his fascination with how things function that eventually led him to the cybersecurity spaceHow SnapAttack spun out of the ‘Dark Labs’ RnD at Booz Allen Hamilton, and how they found themselves as an independent entityThe current state of threat detection and why most companies relying on traditional manual hunting can find themselves stretched to capacityWhy constant evolution in the scale and sophistication of cyber threats means defenders need to stay at the cutting edge of innovationHow SnapAttack’s ‘snapshot’ strategy puts critical tools in the hands of defenders to detect and deal with real-world threatsWhy doing business with government agencies can be a real slog to start with, but why the long-term benefits make the effort worth it in the end Favorite book: The Little Red Book of Wisdom

In today's episode of Category Visionaries, we speak with Philippe Humeau, CEO of CrowdSec, a cyber security startup building a neighborhood watch for the internet era, leveraging collaboration and mutual benefit to optimize protection against contemporary online threats. By identifying aggressive IP addresses and bad actors in real time, and sharing that information with users, the bulk of your security legwork can be taken care of before the threat ever reaches your servers. It's this powerful security infrastructure which has helped CrowdCec secure 110,000 users in just two years, and be well on the way to their first million.Topics Discussed:How cracking computer games at school led Philippe to a career in cybersecurityHow security needs have changed in the ransomware era, and what aggressive security means for your businessWhy selling signals is a massive market, and how CrowdSec manages to stay free to usePLG as the idea growth strategy for small businesses, but why it might not always be scalableMarket innovation and enterprise categories - why detecting trends is different from imposing themCybersecurity’s high burn rate, and why if you want software maintained well you need to pay a top-level salaryFavorite book: Thinking, Fast and Slow

In today's episode of Category Visionaries, we speak with Stephen de Vries, CEO and Co-Founder of IriusRisk, a threat modeling platform that's raised nearly $40 Million in funding.Topics Discussed:Stephen’s career as a programmer in the Y2K era and transitioning to application software security testing Being an early entrant to the cybersecurity space, and how the industry has changed over the yearsHow IriusRisk’s automated security approach streamlines the security software design process for developersThe expansion of IriusRisk's content to meet market demand, including device-specific protocols for medical devices.The potential implications of impending regulations and working with the federal government to improve security Favorite book: The Bhagavad Gita

Welcome to another episode of Category Visionaries — the show that explores GTM stories from tech's most innovative B2B founders. In today's episode, we're speaking with Michael Assraf, CEO & Co-Founder of Vicarius, a vulnerability remediation platform that has raised $29 Million in funding.Here are the most interesting points from our conversation:Hands-On Leadership: Despite leading a company of 50 people, Michael still writes code, emphasizing the importance of staying connected to the product.Military Influence: Michael attributes much of his entrepreneurial drive and problem-solving skills to his experience in the Israeli military, where young people are given significant responsibilities.Founding Story: Vicarius was inspired by Michael's early fascination with computers and his co-founder's experience in cybersecurity. They aimed to solve big problems in vulnerability remediation.Product Overview: Vicarius Topia integrates vulnerability scanning, prioritization, remediation, and automation into a single platform, streamlining processes that are typically handled by multiple products.Community Focus: The V Society community is a growing initiative that invites IT admins and security engineers to collaborate and share vulnerability remediation strategies, moving towards a crowdsourced approach.PLG Strategy: Vicarius has embraced a Product-Led Growth (PLG) approach, focusing on making their product accessible and easy to use, with significant reliance on user feedback to continuously improve the product. // Sponsors:Front Lines — We help B2B tech companies launch, manage, and grow podcasts that drive demand, awareness, and thought leadership.www.FrontLines.io The Global Talent Co. — We help tech startups find, vet, hire, pay, and retain amazing marketing talent that costs 50-70% less than the US & Europe.www.GlobalTalent.co

In today's episode of Category Visionaries, we speak with Ryan Lasmaili, CEO of Vaultree, an encryption as a service platform that’s raised over $16 Million in funding, about why we need a new solution focused on working with encrypted data to plug some serious leaks in our security system, Vaultree has spent more than 8 years developing an entirely unique software solution, allowing people to access, analyze, and process encrypted data without ever making it vulnerable to outsiders. Keeping our data safe while we work is the new frontier of security, and one which Vaultree looks set to lead in the years to come.We also speak about why Ryan doesn’t feel the need to follow other founders’ approaches, how he and his team managed to split their time between full time work, and why now that the software is ready to go it’s time for the real work to begin. Bringing real innovation to market is always a challenge, and for Vaultree, a company some feel is trying to achieve the impossible, educating people about the need for the software is less of a challenge than convincing them it’s not too good to be true.Topics Discussed:Living in 26 countries, and why Ryan’s life has always been on the moveWhy focusing on yourself is a professional development strategy just as valid as looking for established leadership figuresWhy existing encryption solutions for data are basically just ‘workarounds,’ and why Vaultree set out to do something differentWhy it took the Vaultree team 8 years to develop their technology, and why is was definitely worth the waitHow to sell a solution that most people perceive must be impossible, and why leaders in new markets have to master the art of narrativeHow Vaultree plans to make this new technology part of our daily lives, as invisible as the tech in our phone handset Favorite book: Can't Hurt Me: Master Your Mind and Defy the Odds

Welcome to another episode of Category Visionaries — the show that explores GTM stories from tech's most innovative B2B founders. In today's episode, we're speaking with Spencer Thompson, CEO & Co-Founder of Prelude Security, a continuous security testing platform that's raised over $30 Million in fundingHere are the most interesting points from our conversation:Emergence from a School to a Security Platform: Prelude started as a cybersecurity training school before pivoting to its current form, integrating education and cybersecurity innovation into one platform.Continuous Security Testing Explained: Prelude helps companies assess if they are vulnerable to specific cyber threats by running safe, simulated attacks on their systems, addressing the fundamental question, "Are we vulnerable to this?"Strategic Branding and Messaging: Prelude distinguishes itself from typical cybersecurity firms with a focus on foundational science and transparency, avoiding the fear-based marketing common in the industry.Impact of SEC Rulings on Cybersecurity: Spencer discussed the recent SEC rulings requiring public companies to disclose material breaches, a regulation that aligns with Prelude's mission to provide continuous, real-time security assessments.Customer-Centric Development: Emphasizing the importance of extensive customer discovery, Spencer highlighted how engaging deeply with customers has shaped Prelude's product and go-to-market strategy.Vision for National Scale Intelligence: Spencer envisions Prelude scaling to millions of endpoints, providing proactive security intelligence and transforming the reactive nature of current cybersecurity practices.// Sponsors:Front Lines — We help B2B tech companies launch, manage, and grow podcasts that drive demand, awareness, and thought leadership.www.FrontLines.ioThe Global Talent Co. — We help tech startups find, vet, hire, pay, and retain amazing marketing talent that costs 50-70% less than the US & Europe.www.GlobalTalent.co

In today’s episode, we speak with Danny Lopez, CEO and founder of Glasswall — a Content Disarm and Reconstruction (CDR) platform that’s raised more than $60 million in funding. Topics discussed:Danny’s journey — from diplomat to CEO of Glasswall. What Glasswall does and the problem they solve for customers. The State of CDR today, how the category has evolved over the past couple of years, and why it’s more important than ever.   How Danny engages with analyst firms like Gartner and how those conversations are leading the category from adolescence to mainstream. What’s in store for the future of CDR. 

Anagram is pioneering a new approach to security awareness that treats employees as assets rather than liabilities. With $10 million in funding, the company is reimagining how organizations address their most significant security vulnerability: human error. In this episode of Category Visionaries, we spoke with Harley Sugarman, Founder and CEO of Anagram, about his journey from venture capitalist to founder and how he's challenging decades of ineffective security awareness training with a human-driven security platform that drives real behavior change.Topics Discussed:The fundamental problems with traditional security awareness trainingHow AI is amplifying attackers' capabilities and the need for better human defensesAnagram's approach to personalized, puzzle-based, and in-the-moment security trainingThe shift from treating humans as "risks to be mitigated" to valuable security assetsFounder-led marketing strategies in the security industryPivoting from security professional training to broader security awarenessGTM Lessons For B2B Founders:Identify opportunities where market perception doesn't match reality: Harley noticed a massive gap between what CISOs considered their biggest vulnerability (human error) and how they addressed it (outdated, ineffective training). "If you ask 100 CISOs where an attack will come from, 90-95 will say one of their people will click on a phishing link," yet solutions remained antiquated. This disconnect signaled an opportunity to create a truly differentiated product. B2B founders should look for areas where customer actions don't align with their stated priorities, as these represent prime opportunities for innovation.Frame your solution to break industry paradigms: Rather than accepting the industry framing of "human risk management," Harley positioned Anagram around "human-driven security" — shifting from seeing employees as liabilities to valuable assets. "I hate that framing so much because it puts the onus on the human," he explained. "What I have been trying to frame our company around is this idea of human-driven security, which is taking humans and making them a line of defense." This reframing helps differentiate Anagram from competitors and resonates more positively with both security leaders and end users.Use data to overcome status quo inertia: In industries with deeply entrenched practices, the biggest challenge is often skepticism about whether a new approach can actually work. Harley's solution? Let the data make the case. "For us, we are very insistent on looking at the data showing customers, 'Hey, before you introduced us, this is the number of incidents you were seeing. After you introduced us, this is the number of incidents you're seeing.' And I think that's ultimately the thing that changes minds." Data-driven results help overcome the "it's always been this way" mindset that can derail innovative B2B solutions.Employ a land-and-expand strategy for complex purchases: Anagram uses a methodical approach to win over skeptical buyers: "We very much take a land and expand strategy where we'll go in, augment a specific part of the program, show them that this is actually making a meaningful difference in the data, and then that becomes a very easy business case." For B2B founders selling complex or paradigm-shifting solutions, demonstrating tangible value in a limited implementation can pave the way for broader adoption throughout the organization.Don't dismiss "old school" outreach tactics: Despite the emphasis on modern marketing techniques, Harley found success with traditional outbound methods: "So far, it has been pretty much exclusively outbound. So emails, LinkedIn, cold calling...which still works, by the way. I was shocked." B2B founders, particularly those targeting enterprise customers outside the tech bubble, should remember that traditional outreach methods can still be highly effective even when they seem outdated in startup circles.

In this episode of The Marketing Front Lines, we speak with Lisa O'Reilly, Vice President of Marketing at iVerify. iVerify is pioneering mobile endpoint detection security, providing advanced protection against real threats that face all mobile devices, including both iOS and Android. As the first full-time marketing hire at the company, Lisa has built a marketing program from the ground up in one of the most crowded and competitive markets in tech. Through research-driven content marketing, strategic event approaches, and disciplined brand positioning, she's developed playbooks for standing out in the cybersecurity space while building authentic authority and trust within the mobile security community.Topics Discussed:Building marketing programs as the first marketing hire at a cybersecurity startupLeveraging founder-led research and thought leadership for authentic brand buildingEvolving event strategies from large-scale booth presence to curated, high-value meetingsUsing AI tools to enhance marketing effectiveness and social media engagementDeveloping disciplined content strategies that build category authorityTransitioning from product-focused to human-centered cybersecurity marketingLessons For B2B Tech Marketers:Start With Deep ICP Analysis and Continuously Refine It: O'Reilly emphasizes that understanding your ideal customer profile isn't a one-time exercise. She rebuilt her buyer's journey and ABM program after her first year and continues to revise lead scoring models. This ongoing refinement ensures marketing efforts stay focused on prospects that actually convert, rather than chasing vanity metrics in an increasingly noisy market.Leverage Authentic Research as Your Differentiation Engine: Rather than competing on messaging alone, iVerify built their marketing around proprietary research and threat discovery. Their "Data in the Middle" report became a conversation starter at RSA, opening doors that traditional marketing tactics couldn't. The key is ensuring research is genuinely valuable to the community, not just thinly veiled product promotion.Abandon Large-Scale Events for Curated Relationship Building: O'Reilly shifted from expensive booth strategies at major conferences like RSA and Black Hat to hosting smaller, targeted meetings away from the event floor noise. This approach delivered better ROI through meaningful conversations and pipeline development, while avoiding the commoditized messaging that plagues large security conferences.Use AI as a Creative Partner, Not a Replacement: O'Reilly discovered that AI-assisted social media content consistently outperformed her organic posts in terms of engagement. Rather than using AI for complete content creation, she leverages it to expand her initial ideas from three concepts to six or seven, then selects the best options. This approach maintains authenticity while enhancing creative output.Build Authority Through Disciplined Topic Focus: In cybersecurity's crowded landscape, O'Reilly maintains strict discipline about which conversations to join. Rather than chasing every trending topic, iVerify focuses on mobile security expertise and consistently says no to adjacent opportunities. This focused approach builds genuine category authority over time.Transition From Product-Centric to Human-Centric Narratives: O'Reilly's career evolution from commodity tech marketing to cybersecurity reflects a broader shift toward storytelling that emphasizes human impact. She can now tell stories about protecting infants in ICU units from threat actors, transforming cold product features into compelling narratives about saving lives and protecting organizations.

Welcome to another episode of Behind the Category, where we explore the stories of founders who have successfully created and dominated new market categories. In today's episode, we're joined by Guy Tytunovich, CEO and Co-Founder of CHEQ, a go-to-market security platform that has raised an impressive $183 million in funding.From Military Intelligence to Tech Entrepreneurship: Guy shares his unique journey from serving in Israeli defense intelligence to founding CHEQ, highlighting how his military experience has influenced his approach to business and category creation.The Birth of Go-to-Market Security: Discover the strategic vision behind CHEQ and how Guy and his team identified the need for a new niche in cybersecurity, focusing on safeguarding businesses' go-to-market operations.Evangelizing and Educating the Market: Gain insights into CHEQ's efforts to educate the market, overcome initial skepticism, and achieve widespread acceptance through strategic communication and thought leadership.Timing is Everything: Guy reflects on the serendipitous timing of CHEQ's launch, aligning with emerging market needs and trends, and emphasizes the crucial role of timing in achieving category success.Convincing Customers to Invest in a New Category: Learn about the strategies CHEQ employs to persuade customers of the need for go-to-market security and overcome the challenge of establishing budget allocations for a new category.The Importance of Sales Enablement and Operational Excellence: Understand how CHEQ's focus on sales enablement and operational excellence has been pivotal in scaling the business and solidifying the go-to-market security category.

Silent Push is revolutionizing threat intelligence by tracking threat actors' infrastructure setup before attacks occur. After selling his first cybersecurity company to FireEye and serving as VP of Products there, Ken Bagnall launched Silent Push to address fundamental gaps in how organizations detect and prevent cyber threats. The company has achieved remarkable traction, securing 50% of global Fortune 50 companies as customers within 18 months of launch.Topics Discussed:Evolution from traditional threat intelligence to proactive infrastructure monitoringBuilding a complex data collection and behavioral analytics platformStrategic focus on enterprise customers versus SMB marketLeveraging research and expertise to drive brand awarenessBalancing free community tools with enterprise sales motionGeographic expansion challenges and opportunities GTM Lessons For B2B Founders: Focus on markets that appreciate technical depth: Ken's first company struggled selling sophisticated email security through MSPs to SMBs who couldn't appreciate the technical value. After being acquired by FireEye, they discovered enterprise customers who deeply understood and valued their capabilities. This taught them to focus Silent Push exclusively on enterprise customers who can recognize and properly value technical innovation."Shout loudly in a small room": Silent Push's early GTM strategy focused on penetrating tight-knit threat intelligence communities within industry verticals. By establishing themselves as experts in these concentrated groups and consistently sharing valuable insights, they built strong brand awareness among their exact target customers. The strategy proved highly effective, helping them land major enterprise accounts quickly.Build the right kind of community product: While many security companies struggle with free products, Silent Push succeeded by requiring user authentication, monitoring usage patterns to identify sophisticated users, and actively nurturing promising accounts. Ken emphasized that it's not purely product-led growth, but a "weird hybrid" approach tailored to their market position.Leverage research strategically: Rather than joining the "echo chamber" of threat research, Silent Push focuses on uncovering and publishing novel findings that demonstrate their unique capabilities. This approach not only builds credibility but creates content that can be monetized across multiple customer segments affected by the same threats.Take the right path to the CISO: Instead of pitching CISOs directly, Silent Push targets threat intelligence teams who can validate their technology hands-on and become strong internal champions. This circumvents initial skepticism about threat intelligence products at the CISO level by letting the technology prove itself first. // Sponsors:Front Lines — We help B2B tech companies launch, manage, and grow podcasts that drive demand, awareness, and thought leadership.www.FrontLines.ioThe Global Talent Co. — We help tech startups find, vet, hire, pay, and retain amazing marketing talent that costs 50-70% less than the US & Europe. www.GlobalTalent.co

Coalition has revolutionized the cyber insurance industry by creating an entirely new category called "active insurance." From its founding in 2017, Coalition has grown to become North America's largest cyber insurance provider, surpassing incumbents who had been in the market for over 20 years. In this episode of Category Visionaries, Joshua Motta shares how Coalition transformed from a startup to a $5B+ company by shifting demand away from traditional insurance products and establishing leadership in a new category they created.Topics Discussed:The evolution from cyber security as a technology problem to a risk management challengeCreating and defining the "active insurance" categoryBuilding and scaling distribution through existing insurance broker channelsThe role of education and storytelling in category creationCoalition's expansion beyond cyber insurance to protect digital businesses' intangible assetsInternational expansion strategy and future growth plansGTM Lessons For B2B Founders:Create categories, don't compete for existing demand: Instead of fighting for market share in an existing category, Coalition created a new category of "active insurance." This allowed them to shift the conversation from product comparison to category versus category, where they could define the rules and measures of success.Focus on education over pure product marketing: Coalition recognized that their core challenge was an education problem - helping businesses understand cyber risks, insurance coverage, and the value of active risk management. This informed their go-to-market strategy across all channels.Leverage existing distribution channels effectively: Rather than building their own distribution network, Coalition convinced independent insurance brokers to adopt their new category of insurance by demonstrating 10x improvement over traditional products.Build category awareness through multiple channels: Coalition deployed a comprehensive strategy including webinars, in-person sessions, broker training, marketing materials, website content, and executive storytelling to establish their category.Ensure your category definition enables growth: When creating a new category, ensure it's either sufficiently broad to accommodate future expansion or intentionally narrow to drive focus. Coalition chose "active insurance" to allow expansion beyond cyber while maintaining their core differentiation.

Welcome to another episode of Unicorn Builders. In today's episode, we're speaking with Oren Kaniel, CEO & Co-Founder of AppsFlyer, a mobile attribution and marketing analytics platform that has raised over $300 Million in funding.Here are the most interesting points from our conversation:Inception of AppsFlyer: Oren shared how his first experience with an iPhone in 2011 led him to realize the potential of mobile technology, sparking the idea behind AppsFlyer.Early Days and Challenges: He discussed the early challenges of convincing people about the growth potential of mobile, especially in a market still dominated by desktop and Blackberry users.Focus on Data Privacy: From the beginning, AppsFlyer was built with a strong emphasis on data privacy, which Oren recognized as a critical need for the future of mobile marketing.Bootstrapping Before Funding: Oren mentioned how the company was bootstrapped for its first few years, which instilled a strong discipline in the team and shaped the company's culture.Navigating Fundraising: The fundraising journey wasn’t straightforward. Oren shared key insights into how they strategically positioned AppsFlyer to attract significant venture capital investment.Building a Global Presence: Oren emphasized the importance of thinking globally from day one, highlighting how AppsFlyer expanded its operations to over 20 offices worldwide, ensuring a strong local presence in key markets. ​​

Welcome to another episode of Category Visionaries — the show that explores GTM stories from tech's most innovative B2B founders. In today's episode, we're speaking with Bill Moore, CEO & Founder of XONA, an OT user access platform that has raised over $30 Million in funding.Here are the most interesting points from our conversation:The Origin of XONA: Bill shared that XONA began with the goal of simplifying secure remote access for OT environments. Initially focused on making VDI simpler for the DoD, the company expanded into a broader secure access platform used widely in commercial sectors.From Idea to Market: It took a year from concept to their first paying customer, achieved by working closely with beta customers and testing prototypes in real-world environments before having a fully developed product.A Market Pivot: Although originally targeting the DoD, Bill discovered a huge opportunity in commercial OT sectors, particularly in natural gas distribution, which led to XONA's focus on industrial controls and OT systems.The “Guerrilla” Marketing Strategy: Early on, Bill employed a scrappy, grassroots approach to marketing by attending industry events, shaking hands, and networking—long before they could afford a booth or formal marketing campaigns.Category Creation in OT: XONA is redefining identity and access management for OT, where users interact with machines and operational processes rather than data. This approach requires distinct solutions from traditional IT systems, creating a new market category.Global Expansion: XONA is now operating in over 35 countries through its partnership with GE, focusing on OT cybersecurity in sectors like power generation, manufacturing, and other critical infrastructure. // Sponsors:Front Lines — We help B2B tech companies launch, manage, and grow podcasts that drive demand, awareness, and thought leadership.www.FrontLines.ioThe Global Talent Co. — We help tech startups find, vet, hire, pay, and retain amazing marketing talent that costs 50-70% less than the US & Europe. www.GlobalTalent.co

Welcome to another episode of Category Visionaries — the show that explores GTM stories from tech's most innovative B2B founders. In today's episode, we're speaking with Russell Spitler, CEO & Co-Founder of Nudge Security, a SaaS security platform that's raised $17 Million in funding.Here are the most interesting points from our conversation:The Growing SaaS Management Challenge: With employees adopting numerous SaaS tools, security risks escalate. Nudge Security addresses these risks by helping organizations understand what SaaS accounts are in use and managing them proactively.The Founding Insight: Russell was inspired by a personal data breach involving a company he’d never interacted with. This spurred his focus on how to manage and secure SaaS accounts effectively, leading to the creation of Nudge Security.Customer Validation Through 200 Conversations: Before diving into product development, Russell and his co-founder spoke with 200 industry professionals to validate the need for a solution like Nudge, confirming a clear pain point around unmanaged SaaS tools and data security.PLG in Cybersecurity: Russell emphasized a product-led growth (PLG) approach, uncommon in cybersecurity. He believes the key to PLG success is delivering immediate value to users, reducing the time-to-value to under two hours.Content Marketing as an Educational Tool: Nudge's marketing strategy prioritizes education over traditional product pitches. By providing valuable insights, they build trust and long-term relationships with potential customers.The Future Vision: Nudge aims to become the go-to platform for managing all SaaS-related technology and integrations, streamlining security, identity management, and data sharing across organizations. // Sponsors:Front Lines — We help B2B tech companies launch, manage, and grow podcasts that drive demand, awareness, and thought leadership.www.FrontLines.ioThe Global Talent Co. — We help tech startups find, vet, hire, pay, and retain amazing marketing talent that costs 50-70% less than the US & Europe. www.GlobalTalent.co