Ready to build your own Founder-Led Growth engine? Book a Strategy Call
Frontlines.io | Where B2B Founders Talk GTM.
Strategic Communications Advisory For Visionary Founders
Actionable
Takeaways
AI-native offense requires AI-native defense:
Mehul's core thesis isn't speculative — it's built on what he watched happen to his own craft. Writing vulnerability exploits once required deep skill and months of work. AI collapsed that barrier. "So now an attacker can essentially build a functional exploit with just a prompt." The implication for defenders is direct: the tools built for the old pace won't be sufficient for the new one.
Rejecting every existing category:
When Quantro came out of stealth, the obvious move was to slot into CTEM or risk-based vulnerability management. Mehul passed. "Are you a CTEM player? Are you a risk-based VM player? Are you VM player? Well, no, no, no, none of that." The existing categories imply replacing tools. Quantro's frame is different: become the connective layer on top of what customers already have.
User interface of record, not system of record:
Most AI companies pitch replacing core platforms. Quantro's pitch is the opposite: "We don't replace the tools. We just make their existing tools much more, much more effective." Enterprises aren't ripping out entrenched infrastructure. They want ROI from what they've already bought.
The barbell competitive map:
Mehul frames the landscape as a barbell: hyperscalers ("a mile wide, a millimeter deep") on one end, siloed point tools (deep in their own data, blind to organizational context) on the other. Quantro positions as the connective tissue between them.
The 50% false positive tax:
When Mehul talks to security prospects, the same reality surfaces: "Almost 50 % of the time is triaging false positives, reaching out to the people." Asset ownership is unclear. Handoffs break down. None of it moves the risk needle. The agents absorb that work.
Conversation
Highlights
Quantro Security: What Happens When the Cost of Cyberattack Goes to Zero
Mehul spent years at Tenable learning to write vulnerability signatures. The job required reading codebases he hadn’t built, identifying the difference between old and new versions, isolating the vulnerable path, and crafting a precise exploit without crashing the system on the other end. “I sucked at it,” he says. “But it took a lot of time to master this craft.”
Then AI arrived. The skill he’d spent years developing dropped in cost to near zero. “So now an attacker can essentially build a functional exploit with just a prompt.” Attack campaigns that once required months of specialized engineering work can now be assembled in minutes.
That insight became the foundation of Quantro Security, which just came out of stealth with an AI agent platform built for cyber defense. In a recent episode of BUILDERS, Mehul shared how this thesis shaped not just what they built, but every decision behind where and how they’re taking it to market.
Defenders in the Wrong Gear
Mehul’s argument doesn’t need a long setup: if AI makes offense cheaper and faster, defense has to move at the same speed. “You need AI native defends against AI native offense,” he says. The problem is that most enterprise security teams are still running on static, rules-based tools that weren’t designed for this pace.
The playbook itself hasn’t changed: inventory your systems, patch them, secure them, repeat. What has changed is the time window defenders have before attackers move through. Legacy vulnerability management platforms surface data. They don’t reason on it. They tell you what they found. They can’t tell you what to do next, in what order, given what your organization can actually act on today.
The Category Trap
When Quantro came out of stealth, the obvious move was to slot into an existing market. CTEM, risk-based vulnerability management, exposure management. Mehul rejected all of them.
“Are you a CTEM player? Are you a risk-based VM player? Are you VM player? Well, no, no, no, none of that,” he says. The existing categories frame the problem as tool replacement. That’s not what Quantro does. “We don’t replace the tools. We just make their existing tools much more, much more effective.”
The shift was to frame Quantro as the “user interface of record” rather than a “system of record.” Most AI companies pitch replacing HubSpot or Salesforce equivalents. Mehul calls that framing unrealistic in enterprise — large organizations aren’t ripping out entrenched infrastructure based on an AI pitch. Quantro’s play is different: connect everything you already have into one interface and let the agents do the work across it.
The Barbell Map
Mehul uses a framework he calls the “barbell problem” to describe the competitive landscape. On one end sit the hyperscalers. “They are a mile wide, a millimeter deep. So they claim to do everything, but do nothing really well,” he says. These platforms often get bundled into enterprise agreements, so customers end up using them by default and develop a perception of doing something with AI while extracting little actual value.
On the other end are siloed point tools. They’re excellent within their specific domain — cloud security, infrastructure vulnerability management — but they operate in isolation from the organization they’re protecting. A cloud security tool has no context about what the infrastructure team is managing. The data stays siloed.
Between these two sits the enterprise customer, trying to make sense of investments already made. “We come in, we become the connective tissue,” Mehul says. The goal is to make everything purchased work together and translate fragmented data into decisions.
The 50% Problem
When Mehul talks to security prospects, the same operational reality surfaces: roughly half of the team’s time disappears before any meaningful security work begins. “Almost 50 % of the time is triaging false positives, reaching out to the people,” he says.
Asset ownership is unclear. Handoffs break down. Someone patches something but two weeks later no one has confirmed it was done. The follow-up cycle never ends. None of it moves the risk needle. The agents absorb that work — freeing the security team for the decisions that actually matter: where to put the next dollar of budget, which exposures are most likely to be exploited, what’s achievable given 10 hours of available capacity.
Selling What Buyers Can’t Picture
The hardest part of the go-to-market isn’t the competitive landscape. It’s that many buyers don’t yet have a mental model for what Quantro is selling. “Sometimes we have to educate the market because when we go and pitch these solutions, this almost seems like the customers are driving a horse buggy and we are pitching a self-driving car,” Mehul says.
Buyers ask if Quantro can do ticketing. Yes — but that’s the least interesting thing on the platform. The harder capability to explain is an agent that can reason across an entire enterprise security dataset, surface risk the human team missed, and act on it without requiring a prompt for every step. The vision Mehul is building toward flips the interaction model entirely: agents that know your organization well enough to initiate, with humans approving rather than directing.
His own team is the proof of concept. A small group backed by coding agents handles work that once required dedicated headcount. He envisions the same structure for security operations — a lean, elite team at the center managing a fleet of purpose-built agents across vulnerability management, compliance, pen testing, threat intelligence, and risk reduction planning. “Your organization is secure, doesn’t show up on the front page of Washington Post or New York Times,” he says. That’s the outcome. The question is how many defenders build toward it before the attack surface shifts beneath them.
Recommended Founder
Interviews
Robert Cowart
CEO & Co-Founder of ElastiFlow
Robert Cowart, CEO & Co-Founder of ElastiFlow: $8 Million Raised to Power the Future of Network Performance and Security Analytics
Marina Segal
CEO and Co-Founder of Tamnoon
Marina Segal, CEO & Co-Founder of Tamnoon: Over $5 Million Raised to Build the Future of Cloud Security
John Milburn
CEO of Clear Skye
John Milburn, CEO of Clear Skye: More Than $20 Million Raised to Build the Future of Identity and Access Governance
Bill Moore
CEO and Founder of XONA
Bill Moore, CEO and Founder of XONA: $30 Million Raised to Build the Future of OT User Access
Itzik Alvas
CEO & Co-Founder of Entro Security
Itzik Alvas, CEO & Co-Founder of Entro Security: $24 Million Raised to Build the Future of Non-Human Identity Management
Paul Lewis
Founder and CEO of Calamu
Paul Lewis, CEO of Calamu: $20 Million Raised to Build the Cyber Storage Category
Kyle Hanslovan
CEO & Co-Founder of Huntress
Kyle Hanslovan, CEO of Huntress: $160 Million Raised to Build the Future of Managed Security
Peter Prizio Jr
CEO of SnapAttack
Peter Prizio Jr, CEO of SnapAttack: $8 Million Raised to Power the Future of Threat Management
Joe Levy
CEO of Sophos
Joe Levy, CEO of Sophos: $1.5 Billion ARR and the Future of Cybersecurity at Scale
Ben Levine
Senior Director of Product Management and Marketing of Axiado Corporation
Building Marketing Guidelines That Actually Stick Across Teams
Carole Winqwist
CMO of GitGuardian
How to Win with Rapid Response: GitGuardian’s Media Playbook
Umaimah Khan
CEO and Co-Founder of Opal Security
Umaimah Khan, CEO & Co-Founder of Opal Security: $32 Million Raised to Build the Future of Identity Security
Eddie DeCurtis
Co-Founder and CEO of Shush
How Shush differentiated against competitors by solving business operations, not just deploying technology | Eddie DeCurtis, Co-Founder & CEO of Shush Inc.
Mike Janke
Co-Founder of Data Tribe
Funding the Future: Mike Janke, Co-Founder of Data Tribe
Ryan Schonfeld
Founder & CEO of Hivewatch
Ryan Schonfeld, CEO of Hivewatch: $25 Million Raised to Build the OS of Physical Security
Pukar Hamal
CEO and Founder of SecurityPal
Pukar Hamal, CEO and Founder of SecurityPal: $21 Million Raised to Power the Future of Customer Assurance
Lisa O’Reilly
Vice President of Marketing of iVerify
How iVerify’s First Marketing Hire Built a Research-Driven Engine
Diana Rabba
Head of Marketing of Exein
Long Game Marketing: Building Trust in High-Stakes B2B Sales
Michael Assraf
CEO & Founder of Flamingo
How Flamingo generated 1,000 waitlist signups before launching a product using a free community tool | Michael Assraf
Denny LeCompte
CEO of Portnox
Why Portnox’s CEO refuses to measure Net Promoter Score | Denny LeCompte
Dan Lorenc
CEO & Founder of Chainguard
Dan Lorenc, CEO & Founder of Chainguard: $250 Million Raised to Power the Future of Software Supply Chain Security
Colby Proffitt
VP of Marketing of Shift5
From the Pentagon to B2B: Colby Proffitt’s Journey and ABM Insights
Oren Kaniel
CEO & Co-Founder of AppsFlyer
Oren Kaniel: The GTM Story of AppsFlyer ($2 Billion Valuation)
Ani Chaudhuri
CEO & Co-Founder of Dasera
Ani Chaudhuri, CEO & Co-Founder of Dasera: $21 Million Raised to Build the Future of Data Security
Peter Dvorak
Founder & CEO of Wultra
How Wultra built category leadership as the only post-quantum provider for banking digital identity | Peter Dvorak
Jason Martin
Co-Founder and Co-CEO of Permiso Security
Jason Martin, Co-Founder and Co-CEO of Permiso Security: $10 Million Raised to Build the Future of Cloud Security
Stephen de Vries
CEO and Co-Founder of IriusRisk
Stephen de Vries, CEO and Co-Founder of IriusRisk: $40 Million Raised to Build the Future of Threat Modeling
Edward Wu
CEO and Founder of Dropzone AI
Edward Wu, CEO & Founder of Dropzone AI: $20 Million Raised to Build the Future of AI SOC Analysts
Ayal Yogev
CEO and Co-Founder of Anjuna
Ayal Yogev, CEO and Co-Founder of Anjuna: $42 Million to Build The Future of Confidential Computing
Matthew Howard
SVP & CMO of Virtru
How to Time Analyst Relations for Maximum Category Impact
Danny Lopez
CEO of Glasswall
Danny Lopez CEO of Glasswall: $60+ Million Raised to Make the Content Disarm and Reconstruction (CDR) Category Mainstream
Dan Lowden
CMO of Blackbird.AI
How to Create a Category: Dan Lowden’s 8-Exit CMO Playbook
Julie Preiss
Chief Marketing Officer of Centripetal
Why Your Cybersecurity Brand Sounds Like Everyone Else
Ben Kliger
CEO and Co-Founder of Zenity
Ben Kliger, CEO and Co-Founder of Zenity: $21.5 Million Raised to Build the Future of Security and Governance for AI, Low-Code, and No-Code Development
Scott McCrady
CEO of SolCyber
Scott McCrady, CEO of SolCyber: $20 Million Raised to Build the Future of Managed Security
Rohan Sathe
Co-Founder & CEO of Nightfall AI
How Nightfall AI uses CISO dinners to generate pipeline | Rohan Sathe
Tom Jermoluk
CEO of Beyond Identity
Tom “TJ” Jermoluk, CEO of Beyond Identity: $200 Million Raised to Build the Future of Multi-Factor Authentication
Tiffany Ricks
CEO and Founder of HacWare
Tiffany Ricks, CEO and Founder of HacWare: $2.6 Million Raised to Build the Future of Security Awareness
Jean Le Bouthillier
CEO of Qohash
Jean Le Bouthillier, CEO of Qohash: $20 Million Raised to Build the Future of Data Security
Arjun Bhatnagar
CEO & Co-Founder of Cloaked
Arjun Bhatnagar, CEO of Cloaked: $25 Million Raised to Build the Future of Data Privacy
Amit Gupta
Senior Director of Marketing Operations of Fortanix
Why Marketing Ops Should Be Your First GTM Hire
Paul Valente
CEO and Co-Founder of VISO Trust
Paul Valente, CEO and Co-Founder of VISO Trust: $17 Million Raised to Build the Future of Third-Party Cyber Risk Management
Nadav Arbel
CEO & Co-Founder of Cyrebro
Nadav Arbel, CEO & Co-Founder of Cyrebro: $51 Million Raised to Build the Future of ML-Backed MDR
Tom Tovar
CEO and Co-Founder of AppDome
Tom Tovar, CEO of AppDome: Over $26 Million Raised to Build the Future of Mobile App Security
Bob Tinker
CEO & Co-Founder of BlueRock
How BlueRock identified three distinct buyer personas by asking “How would you describe what we do to your peers?” | Bob Tinker
David Etue
CEO of Nisos
David Etue, CEO of Nisos: $33 Million Raised to Build the Future of Managed Intelligence
Justin Beals
CEO, Co-Founder of Strike Graph
Justin Beals, CEO of Strike Graph: $12 Million Raised to Build the Future of Automated Security and Compliance
Michael Assraf
CEO & Co-Founder of Vicarius
Michael Assraf, CEO of Vicarius: $29 Million Raised to Build the Future of Vulnerability Prioritization
Neil Serebryany
CEO and Co-Founder of CalypsoAI
Neil Serebryany, CEO & Co-Founder of CalypsoAI: $38 Million Raised to Power the Future of AI Security
Tony Scott
CEO & President of Intrusion
How the ex-White House CIO turned around a failing cybersecurity company by fixing the product first | Tony Scott
Dimitri Sirota
CEO & Co-Founder of BigID
Dimitri Sirota: The GTM Story of BigID ($1.25 Billion Valuation)
Mollie Breen
CEO and Co-Founder of Perygee
Mollie Breen, CEO and Co-Founder of Perygee: $6.4 Million Raised to Build the Future of IT/OT Security
Jessica Pratt
Director of Marketing and Communications of Peak Metrics
How PeakMetrics Turns Product Data Into Marketing Gold
Christian Almenar
CEO & Co-Founder of Monad
Christian Almenar, CEO of Monad: $19 Million Raised to Solve the Cybersecurity Big Data Problem
Ian Amit
CEO and Founder of Gomboc
Ian Amit, CEO & Founder of Gomboc: $5 Million Raised to Build the Future of Cloud Security Remediation
Aurelie Guerrieri
Chief Marketing & Alliances Officer of DataDome
Aurelie Guerrieri, Chief Marketing & Alliances Officer at DataDome: 20 Years in Silicon Valley – Insights on the Evolving Tech Landscape
Harley Sugarman
Founder & CEO of Anagram
Harley Sugarman, Founder & CEO of Anagram: $10 Million Raised to Transform Human-Driven Security
Russell Spitler
CEO & Co-Founder of Nudge Security
Russell Spitler, CEO & Co-Founder of Nudge Security: $17 Million Raised to Build the Future of SaaS Security
Tom Jermoluk
CEO of Beyond Identity
Tom “TJ” Jermoluk: The GTM Storyteller of Beyond Identity ($1.1 Billion Valuation)
Alan LeFort
CEO of StrongestLayer
How StrongestLayer achieved 85% meeting-to-POC and 100% POC-to-win rates using transparent one-week pilots | Alan LeFort
Josh Shaul
CEO of Allure Security
Josh Shaul, CEO of Allure Security: $6 Million Raised to Help Businesses Win the Battle Against Online Scammers
Mykolas Rambus
CEO & Co-Founder of Hush
Mykolas Rambus, CEO & Co-Founder of Hush: $7.5 Million Raised to Build the Future of Data Privacy
Ryan Lasmaili
CEO & Co-Founder of Vaultree
Ryan Lasmaili, CEO of Vaultree: $16 Million Raised to Build the World’s First Fully Functional Data-in-Use Encryption
Sivan Tehila
Founder and CEO of Onyxia
Sivan Tehila, Founder and CEO of Onyxia: $5 Million Raised to Build the Future of Cybersecurity Performance Management
Adam Cecchetti
CEO & Co-Founder of Staris AI
Adam Cecchetti, CEO & Co-Founder of Staris AI: $5.7 Million Raised to Build Total Context Security for Application Protection
Dave Mor
CEO and Co-Founder of OneLayer
Dave Mor, CEO and Co-Founder of OneLayer: $15 Million Raised to Protect Private Cellular Networks
Rodrigo Leme
Marketing Director of Right-Hand Cybersecurity
Rodrigo Leme, Marketing Director at Right-Hand Cybersecurity: Standing Out in a Crowded Market – Niche Targeting and Customer-Centric Approach
Idan Bar-Dov
CEO and Co-Founder of Heka Global
How Heka Global positioned web intelligence as a fourth fraud detection layer to avoid vendor comparison | Idan Bar-Dov
Arie Zilberstein
CEO and Co-Founder of Gem Security
Arie Zilberstein, CEO and Co-Founder of Gem Security: $34 Million Raised to Power the Future of Cloud Detection and Response
Stijn Vande Casteele
Founder of Sweepatic
Stijn Vande Casteele, Founder of Sweepatic: $4.4 Million Raised to Build the Future of External Attack Surface Management
Ori Eisen
CEO & Founder of Trusona
Ori Eisen, CEO & Founder of Trusona: $38 Million Raised to Power the Future of Account Takeover Prevention
Spencer Thompson
CEO and Co-Founder of Prelude
Spencer Thompson, CEO and Co-Founder of Prelude: Over $30 Million Raised to Build the Future of Continuous Security Testing
Ken Bagnall
CEO & Founder of Silent Push
Ken Bagnall, CEO & Founder of Silent Push: $22 Million Raised to Transform Threat Intelligence Through Adversary Infrastructure Monitoring
Matteo Bogana
CEO and Co-Founder of Cleafy
Matteo Bogana, CEO & Co-Founder of Cleafy: $12 Million Raised to Build the Future of Online Fraud Prevention
Eric Olden
CEO and Founder of Strata Identity
Eric Olden, CEO and Founder of Strata Identity: $42 Million Raised to Build the Identity Orchestration Category
Dimitri Sirota
CEO & Co-Founder of BigID
Dimitri Sirota: The GTM Story of BigID ($1.25 Billion Valuation)
David Brumley
CEO of Mayhem
David Brumley, CEO of Mayhem: $38 Million Raised to Build the Future of Security Testing
Sebastian Stranieri
CEO & Founder of VU Security
Sebastian Stranieri, CEO & Founder of VU Security: $24 Million Raised to Build the Future of Digital Identity & Fraud Prevention
Kyle Hanslovan
CEO & Co-Founder of Huntress
What happens when you outgrow your messaging? w/ Huntress CEO Kyle Hanslovan
Joshua Motta
CEO & Co-Founder of Coalition
Joshua Motta: How Coalition Created the “Active Insurance” Category ($5B Valuation)
Austin Gadient
CTO & Co-Founder of Vali Cyber
Austin Gadient, CTO & Co-Founder of Vali Cyber: $15 Million Raised to Build the Future of Linux Security
Philippe Humeau
CEO of CrowdSec
Philippe Humeau, CEO of CrowdSec: $21 Million Raised to Build the Future of Cyber Threat Intelligence
Tony Lombardo
VP of Marketing of ThreatModeler Software
Why 99% of Cybersecurity Marketers Are Doing Demand Gen Wrong