Joni Klippert

What we had to do is become the best possible API security testing platform because that one API route could serve 2000 pages on a website. So let's just scan the route and fix it at source. So it makes it rip and fast. And then when you fix something, it's going to fix downstream.

We went to market with rest and so, and then very quickly first to market with GraphQL testing, next GRPC testing, and then continue to add capabilities to make sure that we could test APIs deeper, like not just really dumb fuzzing, but making sure that we're putting in appropriate variables that help pop the right types of vulnerabilities.

We went to market with rest and so, and then very quickly first to market with GraphQL testing, next GRPC testing, and then continue to add capabilities to make sure that we could test APIs deeper, like not just really dumb fuzzing, but making sure that we're putting in appropriate variables that help pop the right types of vulnerabilities.

We went to market with rest and so, and then very quickly first to market with GraphQL testing, next GRPC testing, and then continue to add capabilities to make sure that we could test APIs deeper, like not just really dumb fuzzing, but making sure that we're putting in appropriate variables that help pop the right types of vulnerabilities.

So there was a lot of time spent on the scanning capability and it was all very developer driven. So we built a product to be automated and to be used by software engineers. And what started to happen in the market is a couple of things. PLG in this space was slowing down as the market was starting to slow down in 2022.

So there was a lot of time spent on the scanning capability and it was all very developer driven. So we built a product to be automated and to be used by software engineers. And what started to happen in the market is a couple of things. PLG in this space was slowing down as the market was starting to slow down in 2022.

So there was a lot of time spent on the scanning capability and it was all very developer driven. So we built a product to be automated and to be used by software engineers. And what started to happen in the market is a couple of things. PLG in this space was slowing down as the market was starting to slow down in 2022.

A lot of small companies were just trying to be companies and they were buying less software. And then at the same time, we had been in market long enough that we started to get a lot of enterprises and evaluating stuff, which was very exciting. But that's a big change. In looking at our roadmap, it was, who is our ICP? How is it evolving? And what capabilities does this new audience need?

A lot of small companies were just trying to be companies and they were buying less software. And then at the same time, we had been in market long enough that we started to get a lot of enterprises and evaluating stuff, which was very exciting. But that's a big change. In looking at our roadmap, it was, who is our ICP? How is it evolving? And what capabilities does this new audience need?

A lot of small companies were just trying to be companies and they were buying less software. And then at the same time, we had been in market long enough that we started to get a lot of enterprises and evaluating stuff, which was very exciting. But that's a big change. In looking at our roadmap, it was, who is our ICP? How is it evolving? And what capabilities does this new audience need?

And so there've been periods in the business where we're building either very strategic, just technology to make sure that we're being relevant, a relevant product in an API driven world. And then there have been initiatives that are, okay, we have an evolving ICP.

And so there've been periods in the business where we're building either very strategic, just technology to make sure that we're being relevant, a relevant product in an API driven world. And then there have been initiatives that are, okay, we have an evolving ICP.

And so there've been periods in the business where we're building either very strategic, just technology to make sure that we're being relevant, a relevant product in an API driven world. And then there have been initiatives that are, okay, we have an evolving ICP.

What do these less technical security folks who are ultimately responsible for the security of their applications, but rely on software engineers in order to make sure that they can do their job and build secure applications. What do we build for them? And so we started building more to help the security persona understand more about what was happening in software engineering.

What do these less technical security folks who are ultimately responsible for the security of their applications, but rely on software engineers in order to make sure that they can do their job and build secure applications. What do we build for them? And so we started building more to help the security persona understand more about what was happening in software engineering.

What do these less technical security folks who are ultimately responsible for the security of their applications, but rely on software engineers in order to make sure that they can do their job and build secure applications. What do we build for them? And so we started building more to help the security persona understand more about what was happening in software engineering.

Like, where are my APIs? That's the thing that keeps them up at night. They don't even know. And we're like, they're in your code base. They can start there. Let me help show you where they are and then how fast that landscape is changing. So you know what to put under test. We always identify a large initiative. We build a roadmap around that.

Like, where are my APIs? That's the thing that keeps them up at night. They don't even know. And we're like, they're in your code base. They can start there. Let me help show you where they are and then how fast that landscape is changing. So you know what to put under test. We always identify a large initiative. We build a roadmap around that.

Like, where are my APIs? That's the thing that keeps them up at night. They don't even know. And we're like, they're in your code base. They can start there. Let me help show you where they are and then how fast that landscape is changing. So you know what to put under test. We always identify a large initiative. We build a roadmap around that.

And then we fill in all the stuff that you have to fill in, right? Like customer requests or hardening of our systems. But that's generally how we build a roadmap.