ArmorCode Inc., a security startup focused on unifying application security and vulnerability management, was founded in the middle of the COVID-19 pandemic in July 2020.
In a recent interview with StartupTalky, Nikhil Gupta, the Co-Founder and CEO of ArmorCode Inc., shared insights into the company's plans, obstacles, and strategies. The intersection of the need for digital transformation and the rise in fraud attacks during the pandemic led Gupta to believe that software security would be critical, and this prompted him to start ArmorCode.
In just two years, ArmorCode's revenue grew by 500%, and Gupta attributes this success to the company's Indian team, which has made a significant impact. Mr. Gupta also shared his vision for ArmorCode, including the company's plans to invest heavily in engineering and go-to-market efforts with the funds they recently raised.
Let's take a closer look at Nikhil's responses and see what we can learn from our conversation.
StartupTalky:Could you share a small brief on ArmorCode so that our readers get to know what the company is about? And also, what made you want to start Armorcode?
Nikhil: Armorcode is a security startup focused on unifying application security and vulnerability management . We started in the middle of COVID, in July of 2020. When COVID hit, as a serial entrepreneur, I knew there would be an opportunity to serve humanity in that calamity. When the world was going towards remote work, during COVID, the need for digital transformation rose sharply. And this prompted fraudsters to attack more, because even they were sitting at home. So that was the intersection, which made me believe that software security would be very important, which prompted me to start ArmorCode. Starting it in the middle of the pandemic has made all the difference, it gave us a head start which has translated into 40+ customers and close to 25% of those are Fortune 500 enterprises. Our revenue grew 500% in 2022 even when the overall tech space was impacted very badly by the economic downturn around the world. I am proud to say our Indian team has made a big impact in our success so far.
StartupTalky: ArmorCode recently raised some funds. How do you plan to deploy these funds?
Nikhil: We raised funds for two reasons. One is to accelerate our go-to-market. We have doubled our go-to-market team size. We also want to heavily invest in engineering so these are the two areas where we are using the raised funds.
StartupTalky: Could you please explain why application security is so important?
Nikhil: Today everything is software or in some way controlled by software. We use software for everything from Paytm and Bharat Pay, to other apps, all of these digital transactions and transformations require security. Software development has transformed in the last 20-plus years – previously new software was released once a year, and there was no use of open source. It was a very monolithic kind of application. Fast forward 20 years and now, 70 to 80% of the software is open source.
Further, new software is being released weekly or even daily across complex environments, technologies, and architectures. Applications are increasingly moving to the cloud. And while software development has transformed in the last 20 years, software security has not. You still need over a dozen tools to just secure one application, none of which speak to each other, creating silos. Security teams struggle to understand where applications are deployed and who owns which part. Vulnerabilities arise across applications and infrastructure, but it’s painful to correlate and understand the context. That’s why it's important to have a single platform like ArmorCode, which unifies and accelerates application security and vulnerability management.
StartupTalky: What would you consider the value addition and differentiation that AmorCode has over the competition, in terms of ROI and growth for their businesses?
Nikhil: Right now, the US is going through a difficult economic crisis and in this scenario, only two businesses will grow. One is, if I come to you and say I can increase your revenue from 1 crore rupees to 10 crores, if you give me two crores. The second is, if you're spending 10 crores rupees on something, and I come and say, I can save you five crores, if you pay me two crores, you will agree to it. Those are fundamental businesses and ArmorCode helps with both types of businesses. Everything is moving to the digital plane and, in that particular scenario we are making the digital landscape secure, allowing companies to increase their revenue or top line.
Secondly, when the market corrects, there are a lot of job losses and people want to rely more on automation. And that is what ArmorCode does. It helps save cost, thus reducing your cost.
StartupTalky: What are some of the significant challenges that ArmorCode faced in the past year and how did you overcome these?
Nikhil: All startups come with challenges. We’ve been fortunate in that , we grew 500% last year, while also expanding our team from 50 to 85. So, from a challenges perspective, we were born in Covid and are scaling during a downturn, so our focus has been on building a strong foundation with the head start we got by starting in the middle of the pandemic when other companies were waiting and watching. And that is why we received our Series A funding so seamlessly.
StartupTalky: Are there some plans that you have for the India market? Could you quantify those?
Nikhil: We are very bullish on the Indian market, across various fronts. We have two plans for the India market. Firstly, our engineering team is in India and we want to grow significantly and invest in R&D here. We're also undertaking strong marketing and sales activities, back-end operations and customer services in India. So, we are betting big on India operations. We believe in taking care of people and if we take care of people, we know that the product will be good, and if the product is good, the business will be profitable.
Secondly, we have one of the largest IT companies in India as our customer. Several of our customers based in the US also have back offices in India, especially when it comes to security. We are working with three of the largest global big four IT consulting firms based out of India, who want to offer software security through our platform to Indian customers.
StartupTalky: What is your go-to-market strategy for ArmorCode and how are you planning to address the different categories and levels of businesses that you cater to?
Nikhil: We are a marketing-led company and our go-to-market strategy is partner driven. So, we have Wipro and Tech Mahindra as our partners, on the global system interfaces. We have also partnered with a few of the big four consulting companies and are partnering with value-added resellers as well. We are also performing the role of a managed services security provider. While we are moving through the partner-driven route, we also have a strong direct go-to-market sales team. Currently, the larger deals are happening through our partners and smaller, mid-sized deals are being undertaken directly.
StartupTalky: What would you consider are some of the trends and opportunities that are shaping the AppSecOps platform currently?
Nikhil: Historically, there used to be three separate verticals - Vulnerability management, Application security, and DevSecOps. ArmorCode is the only platform which unifies all three verticals, which is a big trend right now. Platforms like ArmorCode AppSecOps, which can actually unify application security, vulnerability management and DevSecOps, are all following the trend.
StartupTalky: What would be some of the challenges that make AppSecOps relevant in the market today?
Nikhil: Any product today, especially in IT, has people, process and technology aspects. Here, we are taking the people-first approach. There are three main teams: the security team, the development team and the operations team, working on these products. The security team is incentivized to make things secure, which inherently makes things slower. And the development team is incentivized to release software faster. So, the development and security teams don't see eye to eye. And our unique competitive advantage is that we have a deep understanding of all three aspects. I started my career as an engineer at Bell Labs, then I worked in operations, following which I moved into security. Which is why, when we started this company, we took a people-first approach, rather than the technology-first strategy. We understood the people problem, then built technology to enable people to force multiply their efforts.
StartupTalky: Digital innovation cycles are becoming shorter as we progress. How has this led to an increase in security risk? And how can this be combated?
Nikhil: When you would have one release in a year, we would have three months to test the security of the software. Now, that development lifecycle has gone down to one week or one day , and we do not have enough time to fully vet the security. Secondly, for every application security engineer, there are over 100-200 developers. So, the ratio is extremely skewed, increasing the security risks further. These challenges can be combated with a unique platform like ArmorCode.
StartupTalky: What are the top impacting factors which are driving the global application security market growth? Is the technology we have today ready to handle the accompanying threats?
Nikhil: From the trends perspective, when I started the company, application security was the fastest growing vertical, as per Gartner, at 32% CAGR. Now, ArmorCode is at the intersection of vulnerability management, DevSecOps and application security, with an almost $120 billion market. And this is enabling us to accelerate our momentum faster. Our readiness to help diverse organizations is visible from our client base, which includes the world's largest entertainment company, the largest hospitality company, largest hedge fund, largest big four consulting firms and the largest industrial control systems, as well as digital-native, fast-growing companies. Our platform is ready for enterprise grade challenges. As a testament, we recently processed over a billion findings through our platform.
StartupTalky: Your market is very B2B, so how do you cater to the consumers directly?
Nikhil: There are two aspects to it. ArmorCode’s vision is to democratize software security. We believe that everyone from a Fortune 500 company to an individual startup should be using ArmorCode. We have started with the former, where we are catering to organizations with 100 developers or more, but as the world evolves, our vision is that anybody who's starting a company should be able to use the ArmorCode platform, even if it has only one developer.
StartupTalky:What are the opportunities that ArmorCode offers Indian tech professionals?
Nikhil: Overall, it is a very exciting time for the Indian market, and ArmorCode is uniquely positioned, in the current scenario, to grow and expand faster than the market itself. Both my cofounder and I are of Indian origin and we have a huge engineering and development office in India. We are growing quickly, and while many companies are laying off employees, we are hiring. We have several openings as we speak.While 99% of the companies who start in the US, have their main development office in the US and use the India office for backend help, we take a lot of pride in saying that 100% of the code we use is written in India. We have built a world-class product, and the team is getting to work with some of the biggest brands. This is a huge opportunity for people to get on the ArmorCode rocketship and we are looking forward to tapping India’s talent during that ride.
Author's Note: We would like to express our deepest appreciation to Nikhil Gupta, CEO of ArmorCode Inc., for providing us with such insightful and informative responses. Your contributions will undoubtedly help our readers gain a deeper understanding of the challenges and opportunities facing the software security industry today.