A Persistent Foothold in the SMB Cybersecurity Market Kyle Hanslovan and Protecting the 99%

Kyle Hanslovan leaned forward in his chair, eyes scanning four monitors spread out before him. A low murmur permeated the room as his compatriots, similarly situated, did the same.  

A young cyber warfare operator in the United States Air Force, Hanslovan was an offensive hacker breaking into nation-state systems as quickly and efficiently as possible to gain counterintelligence. His path into cyber began years earlier from humble beginnings as a curious kid browsing the web on dial-up internet.  

 Hanslovan was first introduced to cyber threats as a preteen in the 90’s. Entranced by the promise of the online world but limited by low bandwidth, he began pirating video games, designing websites, and dabbling with AOL hacking techniques. Downloading without discretion, he soon met the dreaded Windows blue screen of death thanks to malware-laced software. Panic turned to curiosity as he learned how to recover data, perform file system forensics, and resolve run-time dependencies with the help of burgeoning online DIY forums. A seed of interest was planted.  

 As a teenager, Hanslovan aspired to join the United States Naval Academy and joined Navy Junior ROTC. But at 17, he decided to enlist in the Air Force instead, pursuing an opportunity to use his hacking skills for good.  

‘Cyber’ was still a dirty word in the 90’s and early 00’s. Upon joining the Air Force on the ground floor of the agency’s early cyber warfare efforts, however, Hanslovan realized that the techniques he’d honed while troubleshooting and troublemaking were a useful foundation for his work.  

Hanslovan began his career in a Sensitive Compartmented Information Facility (SCIF) where he soon mastered the basics, learning how to break into systems efficiently and clean up his digital footprints behind him. SCIFs are subject to strict access and security controls, so while there was plenty of hacking, there weren’t any hoodies- no phones, digital watches, or thumb drives, either.

While the setup wasn’t glamorous, the stakes couldn’t have been higher. “If you mess up your job in a counterterrorism mission, somebody could lose their life,” Hanslovan recalls. Shaky intel could inform dangerous decisions on the world stage. Hanslovan knew he had to deliver valuable outcomes- the first of two critical lessons he would learn in the Air Force.  

Working across SCIFs and time zones throughout the U.S., Hanslovan and his fellow service members often worked asynchronously. Without constant communications or a shared physical proximity, everyone needed to step up and own their responsibilities. “You really had to be a master of your work,” Hanslovan reflects. He began to appreciate the power of small, geographically separated teams with clear roles. It was an insight that would stick with him.  

After a seven-year stint in the Air Force, Hanslovan stayed in the U.S. intelligence sector, but pivoted to defense contracting. He was recruited to lead a computer networks operations development and testing team as a cybersecurity analyst for consulting firm ManTech International. For four years, Hanslovan worked with ManTech’s massive  clients- U.S. government agencies- supporting their cyber operations and missions.  

By 2013, Hanslovan was feeling the limitations of his role at ManTech. He wanted more flexibility to pursue cybersecurity contracts that interested him, not just those he was assigned. Struck by an entrepreneurial urge, alongside his ManTech colleague John Ferrell he made the leap to co-found Strategic.io, a cybersecurity contracting firm. Hanslovan and Ferrell honed the company’s focus on a specialized area: offensive cybersecurity contracts. The strategy paid off and the company had little trouble finding work through government subcontracts.  

The two quickly faced a new set of hurdles. To become an approved government vendor with appropriate levels of clearance, Strategic.io would need a litany of licenses and clearances. Undeterred, over the next year and a half Hanslovan and Ferrell worked through mountains of paperwork while continuing to negotiate and land subcontracts.  

In 2015, the pieces finally fell into place. Strategic.io was off to the races, soon generating seven figures of revenue working with government agencies on national security projects. For Hanslovan and Ferrell, though, the company’s service-based defense contracting model had lost its appeal. While the subcontracts they took on involved important work, they were limited in scope. “Scaling was my number one goal,” Hanslovan says. “I wanted to make global change.” 

Scale would mean a huge customer base. Hanslovan quickly identified SMBs (small and midsized businesses) as a prime market: there are over 30 million SMBs in the U.S. alone, comprising over 99% of all companies. Hanslovan saw opportunity where others didn’t. “Walmart doesn’t serve the biggest companies in the world but they’re the biggest company in the Fortune 500,” he points out. “They understand that by serving small businesses, there’s an opportunity to build a company of consequence.”  

Hanslovan and Ferrell brought Chris Bisnett, a U.S. Navy veteran with exploit development and cloud architecture experience with whom they had worked alongside at ManTech, on board to help build out their ideas. Hanslovan and Bisnett’s background in national security work pushed an important cybersecurity concept to the forefront: persistence. As former red team hackers themselves, they understood firsthand how attackers could slip past preventative defenses to deploy footholds and maintain persistent access in systems. These footholds often went undetected by firewalls and endpoint detection and response (EDR) tools. SMBs were particularly at risk given the lack of security capabilities they could access, as most cybersecurity solutions were designed for enterprise customers. Hanslovan, Ferrell, and Bisnett had identified a niche with a need. Now they had to create a scalable solution. 

It was a completely different approach than defense contracting. “To reach that many businesses, we were going to have to build software based on our expertise and implement a SaaS (software as a service) model,” Hanslovan says. Drawing from his time working in SCIFs, he devised a strategy: they would use small, compartmentalized teams of experts to leverage automation and deliver valuable outcomes, rooting out persistent footholds. In addition, their company would leverage channel partnerships to grow their customer base and reach as many SMBs as possible. Business plan in hand, they were ready to launch.  

In 2015, Hanslovan, Ferrell, and Bisnett founded Huntress Labs to help SMBs detect and respond to cyber threats with managed EDR. They used Strategic.io to bootstrap the new company until 2017 as they transitioned from defense contracting fully into the commercial sector.  

Based in Maryland and embedded within the national security community, Huntress wasn’t your typical cybersecurity startup. Focusing on SMBs wasn’t popular among cybersecurity companies and the co-founders’ backgrounds in services work sometimes led to confusion. As he began pitching the company to investors in Silicon Valley, Hanslovan immediately knew his narrative wasn’t compelling. Though the company’s business model was strong- a small expert team leveraging automation to deliver capabilities at scale- some investors were turned off by what they saw as a services play in an uninteresting market. 

“The three of us were “services government services founders” who happened to be outside of Silicon Valley, didn’t speak the right jargon, and were going after the SMB through channel partners- it was not a winning story,” Hanslovan recalls. It was a tough lesson to learn, especially for technically gifted and passionate founders like Hanslovan, Ferrell, and Bisnett who had identified a critical need and valuable solution. 

Hanslovan knew he had to step up his pitching skills to effectively communicate Huntress’ go to market plan. “You can build the sexiest, coolest cybersecurity tech but if you can’t bring it to your target audience, you’re never going to make the impact you want,” Hanslovan reflects. Determined to succeed, he began to seek out evidence to prove his point.  

Three proof points would help Huntress clear the initial hurdles. The first came when Hanslovan, leveraging his National Security Agency (NSA) connections, took an early prototype of the company’s product to an offensive cybersecurity capture the flag exercise. Testing the software on hundreds of systems, he was thrilled when the event organizers reported Huntress had outperformed the competition and identified every single compromised computer. It gave Hanslovan his first taste of tangible validation. “After that, I was able to get past my terrible pitch by actually showing proof,” he recalls. “I could say I went to an NSA exercise where the world’s greatest hackers faced off against the world’s greatest defense and my technology was the top performer. People started to listen.” 

In concert, Hanslovan had been working hard to develop Huntress’ story. After one failed pitch, a venture capitalist gave Hanslovan and his co-founders particularly blunt feedback over tacos- – the pitch made it seem like Huntress was a pure services company and wasn’t compelling to investors. On the spot, the group worked together to clarify Huntress’ recurring revenue model for high margin, repeatable technology supported by human services and expertise. “After we reworked the pitch, the investor said, ‘I would have written you a term sheet if you told this to me in the first place,’” Hanslovan reflects. It was a boost to his motivation and Hanslovan started to see more interest from investors intrigued by the polished story.  

The final piece of evidence came when Huntress offered free endpoint testing to clients to prove their capabilities. It was a no-brainer for customers to accept a no cost offer, and when glowing reviews rolled in, Huntress had proof that customers saw real value in their product. With technical, investor, and customer validations in hand, Huntress started to gain more traction and positive feedback from potential investors. That interest would soon turn into a significant funding opportunity.  

By early 2020, Huntress had grown to protect nearly half a million endpoints and implement channel partnerships with over 1,000 Managed Service Providers (MSPs), tripling their revenue in just two years. The company had become a trusted advocate for SMBs. 

Impressed by Huntress’ effective, affordable tooling and market potential, Ernie Bio and Forgepoint Capital led the company’s $18M Series A round in February 2020. Hanslovan and his co-founders were thrilled, and not just because of the funding- they felt they had found a long-term venture capital partner. “Belief is what separates capital and a true partner,” Hanslovan says. “If you’re not willing to go through the worst days with somebody, you’re making the wrong decision.”  

That belief would meet and exceed the test of time sooner than anyone realized as the COVID-19 pandemic took the world by storm just one month later. Luckily, Huntress had a competitive advantage baked into its organizational culture that helped keep the company on track. Huntress had been an early adopter of remote work since their founding- a callback to Hanslovan’s early days in SCIFs for the Air Force. “That single small difference of learning to work asynchronously with experts helped set us on a fast trajectory to go where most startups don’t,” Hanslovan reflects. While remote work brought its own challenges-like paying business taxes in different states-it ultimately worked in the company’s favor as they seamlessly adapted to digital transformations spurred by the pandemic. 

Over the next three years, Huntress’ rapid expansion brought a flurry of activity. In addition to doubling revenue annually two years in a row and amassing hundreds of perfect 5.0 scores on software review sites like G2: 

• In 2020, Huntress launched a comprehensive platform providing managed EDR for SMBs.  
• In January 2021, the company made its first technology acquisition, purchasing blended network visibility and EDR capabilities from Level Effect.  
• In May 2021, Huntress closed a $40M Series B funding round led by JMI Equity with Forgepoint’s participation to expand the company’s impact via enhanced reseller partnerships. 
• In July 2022, the company acquired cybersecurity awareness training firm Curricula. The acquisition paired Huntress’ expert team with Curricula’s engaging content to offer a powerful managed security awareness training and phishing simulation platform for their customers and partners (now called Managed SAT).  
• In May 2023, after growing to protect over 2 million endpoints and doubling annual recurring revenue (ARR) for two consecutive years, Huntress closed a $60M Series C round led by Sapphire Ventures to scale up globally. Both JMI and Forgepoint- the lead investors in Huntress’s Series B and Series A financings- participated.  
• In September 2023, the company introduced Huntress Managed ITDR for Microsoft 365

How exactly did Huntress develop its technology into a mature multi-product platform? For Hanslovan, starting from a strong idea and scaling it up to a product- then a full platform with multiple products- was a continuous process based on customer feedback. “Once you have one product, you start listening to customers and they will literally tell you if they need more product,’” he says. Starting out by targeting North American MSPs, managed security service providers (MSSPs), value-added resellers (VARs), and telecommunications providers, Huntress kept a narrow focus within a single vertical to deliver value, build credibility, and gain trust over time.  

Creating one successful product is challenging enough, but building a platform with multiple products is even more elusive. Hanslovan likens it to repeatedly capturing lightning in a bottle. “We built our infrastructure to allow many products to correlate data and work together so that one plus one equals more than two,” he says. “Now, the platform gives us more opportunities to succeed and, in many ways, makes it easier to capture lightning multiple times.” By carefully applying lessons learned from previous products, Huntress can offer new value at a competitive cost for customers in their ecosystem. It’s a compelling model fueled by the strength of Huntress’ channel partnerships which allow them to reach more SMBs.  

But there has been more to Huntress’ success than a strong platform. Along with acquisitions, funding rounds, and a growing team have come more partnerships. Hanslovan has learned the value of relationship vetting and building- a lesson he often shares with other entrepreneurs today. “Interview your founders, interview your investors, and understand what you’re getting yourself into,” Hanslovan says. Due diligence before the start of a partnership pays dividends over time.  

Hanslovan also cites the team as one of the most important drivers of success. Trying to take on everything as a founder is a recipe for disaster. “Half of this game is not burning out,” Hanslovan says. “You can’t operate at 110% all the time.” Hiring and retaining new leaders has become essential as Huntress grows. The company has sought out A players- people whose strengths complemented others’ weaknesses and who would pick up the slack when others couldn’t.  

“You have to bring them in at the right time, be transparent, and set them up for success with achievable goals that keep morale high,” Hanslovan says. It’s a core part of the company’s strategy to pair human expertise with the right level of automation to protect SMBs at scale.

Today, the SMB market in cybersecurity is becoming more crowded. Huntress has held off the competition by strategically acting as both a first and second mover across key market areas. “In some places we have had to figure out where we wanted to be first mover to build trust,” Hanslovan says. “In others, we have been more like a 1.5 mover- we weren’t the first, but we didn’t wait for everybody else to catch up either.” This approach, along with the years of trust Huntress has built, are helping the company stay ahead of small vendors moving up market, enterprises moving down market, and non-cybersecurity incumbents moving over to security. 

When asked about the future, Hanslovan is candid about the path forward for Huntress. “We secure 100 thousand plus businesses out of 30 million plus in the US alone,” he says. “We’re nowhere close to completing our mission.” The past few years have been tough for small businesses with challenges stemming from macroeconomic and workforce changes (like remote work and inflation) along with new technologies and threats (like generative AI-enabled attacks). Huntress remains committed to innovating and helping more SMBs thrive in the face of new challenges. Most recently, the company announced a major product integration with Microsoft 365 in the latest push to reach more businesses.  

It’s all part of what Hanslovan calls the Huntress virtuous cycle. “Deliver awesome things that make a difference to SMBs. With the profit we make from that, reinvest in new technology that secures more SMBs, which allows us to build new products,” he says. “As we protect more SMBs, we just get more effective.”