How I Broke Into the App Security Market With the Perfect Product at the Perfect Time

By Venkatesh (Venky) Sundar, Founder and President – Americas, Indusface

Venkatesh Sundar

Conventional wisdom says that you should steer clear of crowded markets, especially in the application security space, where there are over 4000 vendors. 

However, as the saying goes, riches lie in niches, and this is our story of how we built a $10M business with just $5M raised and obtained a feather in our cap — recognition as a Global Customer Choice in the Gartner Peer Insights Cloud WAAP 2023 report.

I want to share some of the main challenges I faced as an entrepreneur entering new markets and how I overcame them. 

But first, let me tell you a bit about my background. I have been in the cybersecurity business for more than 20 years, working with US-based product companies like Entrust and Cognos. I started as a software engineer and then moved on to engineering, services, and sales management roles.

From Top to Bottom: The Perfect Product 

I spent about ten years working with Entrust as Head of Sales for the Asia Pacific region and Central U.S. Sales. During that time, I kept in close contact with my clients and realized they were struggling to manage WAF software as it was highly technical, and more often than not, their teams didn’t have the skill to manage the software. Vendors did offer managed services, but they were either too expensive or too reactive. So, we decided to take the plunge and start Indusface. 

Developing new products is a tough business. Estimates of products that fail ranged from 80 to 95%. In reality, failed products go unseen and are very hard to quantify. Harvard Business Review explains that there are many reasons why new products fail, including poor market research, poor product design, poor timing, poor marketing, and poor execution.

Traditionally, cybersecurity products, like other products and services, are developed with some market insight. As founders of Indusface, we had the luxury of having some of India’s largest enterprises who used our application security services, such as penetration testing. At this time, we were actually bundling a competing automation product. Then we found gaps that our customers wanted that couldn’t be addressed in the current product roadmap of the competing product.  

As we developed the product, we got an asset purchase offer from a large technology firm, and we ended up taking that offer. 

Throughout this journey, our customers have been our pillars of strength and source of market research. It helped that these were large enterprise customers with relatively large security teams. 

Another insight that we got from this led to our flagship product AppTrana. The only WAAP solution(previously WAF) that shows how many open vulnerabilities exist in the applications and how many are currently protected by the WAF. The additional value added was that most of the open vulnerabilities could be temporarily patched on the WAF through certified security researchers. 

The last point is something that our customers have come to love, as it has always been a considerable challenge to recruit application security engineers to manage complex software like a WAF.

It helped that our asset acquisition by this technology company served as the seed fund. We had the luxury of iterating on customer feedback over a period of 5 years without worrying about whether the company will run out of cash. This was very important for us as we knew that the application security market was crowded, and unless we get the right product-market fit (PMF), we will not succeed. In hindsight, an earlier funding round might have added a lot of pressure on growth and GTM motion, and those distractions might have delayed our road to PMF. 

The Perfect Time: Adapting to the Unexpected 

Timing is everything for go-to-market, primarily when you operate in a crowded market. Your solution or portfolio may be the most innovative in the world, but it will go nowhere fast if your GTM is not well-planned.  

And the global COVID-19 pandemic proved that beyond any expectation. But while many companies struggled or shut down due to lockdowns and reduced demand, we saw an opportunity.

We raised funding in 2020 when we knew that we had feature parity with our competition, and in our value adds, we were beating them hands down.

We realized that COVID-19 accelerated digital transformation and increased reliance on web applications. This also increased cyberattacks and exposed vulnerabilities. We saw a huge demand for app security solutions, especially from sectors like financial services, healthcare, e-commerce, education, and every other industry. 

We seized this opportunity and raised our series A. 

The pandemic fueled a massive global migration to the cloud as companies strived to adapt to the hybrid world and become data-driven.  It helped that there was massive adoption of AWS and Azure, so the apprehension against the cloud was almost nil, even in traditional industries. 

With money in the bank, we invested heavily in marketing and sales to expand our offerings to the global markets.

As a result of these efforts, we achieved remarkable growth during the COVID-19 pandemic. Our revenue increased by 300% in the last 3 years. 

We now have 5000+ customers. The cherry on the top was our recognition in the Gartner Peer Insights Voice of Customer Cloud WAAP report, where we were rated as a global customer choice in 2022. Needlessly to say, we feature again as a global customer choice in 2023. 

This opportunity is still very much in play. In 2022 the global cloud migration market was valued at about $7 billion and is expected to continue expanding at a CAGR of 21.7%, reaching $22.8 billion by 2028. ”

Focusing on Core Fundamentals 

Building the perfect product requires more than just insight into what clients want. Even if you have the specifics, you still have to draw up the blueprints and execute them to perfection. Your success will depend on your own talent and that of your team. 

I built Indusface from scratch with a vision to provide total application security for web, mobile, and API applications. I started as the technologist who created the products and technology team ground up. Then I took on marketing and sales functions to drive new customer acquisition and global revenue growth.

One of my biggest challenges was entering new markets with limited resources. As a bootstrapped startup, we had to be very smart about where we invested our time and money. We had to find ways to differentiate ourselves from competitors and prove our value proposition to potential customers. 

We did this by focusing on three things: innovation, customer satisfaction, and thought leadership.


Constantly innovating products based on customer feedback and market trends is critical. In a market like cybersecurity which is overabundant in competition, setting ourselves apart with holistic solutions was our primary goal. 

For example, just 3-4 years back, Gartner was talking about how teams were moving to “best of breed” solutions rather than taking good enough platforms. 

However, this resulted in a lot of shelfware. So much that now there are SaaS platforms to help you cut SaaS spending! This year, there’s this focus on cutting expenses as many companies are cutting technology spending first. 

However, at Indusface, we have always focused our innovation around giving our customers value.

This meant we had to build a comprehensive security platform. Enabling companies with integrated web application scanner (WAS), web application firewall (WAF), DDoS and BOT mitigation (DBM), content delivery network (CDN), SSL/VMC certificates (secure sockets layer/Verified Mark Certificate), and threat intelligence engine (TIE) is no small feat. 

Thought leadership

Networking and creating valuable resources that go beyond the brand and the product are also big opportunities that every company can easily access, thanks to our connected digital world. Transparent thought leadership and sharing expertise allow companies to grow continually and keep one step ahead of the pack. 

Companies should work hard to establish themselves as experts in their field. From social media to ebooks, guides, zero-day vulnerability reports, case studies, testimonials, and webinars—these resources strengthen the industry and support customers.   

Thought leadership, customer experience, and innovation helped us gain trust and credibility among our target audience and enter new markets like the U.S., the U.K., Australia, Asia, and other regions and countries. 

Creating the perfect product is very much like building a dream. It slowly takes shape and grows with the participation of your coworkers, colleagues, and especially your customers. Somewhere along the development phases, the product takes a life of its own and is no longer yours. It evolves and perfects itself. Once it hits the market, it belongs to your clients and the world. And that is the ultimate milestone. I firmly believe that the perfect product, at the perfect time, can change the world for the better.   

error: Content is protected !!