How Canary Developer Thinkst Grew to $11 Million ARR With No VC Money

  • Thinkst is the 25-person cybersecurity company behind Canary, an industry-standard developer tool.
  • Thinkst now sees $11 million in annual recurring revenue — without ever taking a dime of VC money.
  • Its CEO says the key is that Canary is ‘the stupidest product out there’ but it’s useful and works.

Thinkst is the company behind Canary, a cybersecurity tool for software developers that’s emerged as something of a standard in the information security industry, with customers including some of the Fortune 500 — driving what Thinkst says is an $11 million-per-year business.

That success is made more notable by the fact that Thinkst is a small company in an industry dominated by giants like Cisco and Microsoft: Based in South Africa, Thinkst has a team of only 25 employees, seven of whom work in sales. And it’s fully bootstrapped, meaning that it’s never taken a dime of venture capital money, even as VCs have pumped billions into the cybersecurity industry this year alone.

CEO Haroon Meer tells Insider that he made a deliberate choice to not raise VC money for Thinkst. While he says has great respect for what VCs do, he feels too much focus on metrics like valuation and total funding are often used to “feed a founder’s ego.” Taking that kind of money can lead to “complications,” he said.

“When you’ve got all this VC money and you are racing for high valuations, you don’t spend that much time on the fundamentals,” Meer said. “How can we expect people to trust us if we don’t do things securely ourselves?” 

The secret to Thinkst’s success in doing more with less, Meer said, was keeping a tight focus. By Meer’s own estimation, there’s nothing particularly special about Canary, other than that it’s reliable and does exactly what it’s designed to do: Warn customers when someone’s trying to break into their systems.

“To be honest, I think we are the stupidest product out there,” Meer said.”We are super simple, and we work. In part, that’s what security needs, you need building blocks that you can rely on.” 

Meer started Thinkst after his decades-long stint as a penetration tester, someone who simulates cyberattacks to point out vulnerabilities in their client’s security systems. The results he found were sobering — companies would spend “millions on security, yet won’t know they’ve been breached,” he tells Insider. 

 

Fundamentally, Canary allows customers to set up its namesake “canaries” — software that’s designed to send an alert when a specific cyber threat is detected. Those canaries can sit on computer networks, servers, and routers indefinitely. When an attacker tries to break in, the canaries are immediately set off to notify customers.

Meer says that Canary is actually pretty rudimentary, but it became apparent early on in the product’s existence that it would become Thinkst’s flagship and most popular product.

“If we are talking success — we were very lucky early on with our earliest users tolerating us sucking,” Meer said. “They used us for what we were good at, and were willing to ignore our warts. Which motivated us to completely remove the rough edges off, and serve them single-handedly in what they liked us for.”  

Which is why Meer feels that the straightforwardness of Canary’s mission might be “tainted” by VC money. Meer says that the company was slowed down early on without the backing of a major VC, but on the flip side, he says that spending time trying to impress investors would have undermined Thinkst’s freedom to only focus on Canary. 

The result, Meer says, is that the company is thriving on its own terms by focusing on building a single, useful tool that does exactly what it says it will do, nothing more and nothing less.

“The security industry has been bad at making bombastic claims for so long. We don’t claim to solve everything,” he said. 


Credit: Source link

Comments are closed.