Topics
Latest
AI
Amazon
Image Credits:JuSun / Getty Images
Apps
Biotech & Health
Climate
Image Credits:JuSun / Getty Images
Cloud Computing
Commerce
Crypto
Enterprise
EVs
Fintech
fund-raise
Gadgets
gage
Government & Policy
Hardware
Layoffs
Media & Entertainment
Meta
Microsoft
concealment
Robotics
Security
Social
infinite
Startups
TikTok
Transportation
Venture
More from TechCrunch
Events
Startup Battlefield
StrictlyVC
Podcasts
Videos
Partner Content
TechCrunch Brand Studio
Crunchboard
reach Us
Sometimes the most successful startup ideas come up from people building tool to figure out their own need . Such was the case with Dafydd Stuttard , a security system expert who goes by Daf .
nigh two decades ago , living in the small marketplace town of Knutsford in Cheshire in the northwest of England , Daf was working as a security consultant for different clients .
On the side , he build apps that he could use himself to bucket along up some of the more unremarkable part of his work . He would give each tool a random name , use it for a while and move on ; sometimes he would tell others in his community about the tools in case they were utile . ( Daf already had a repute as an ethical drudge and source in the security system residential area so there was a ready audience for that . )
One Clarence Shepard Day Jr. , tooling that he built to attend with insight examination — named Burp for no specific rationality at all — was one of his creations that he share with others . It caught on , tight , and Daf decided to see how much further he could take it .
tight - forward to today and you could see the fruits of Daf ’s inherent aptitude on the time value of the tool .
Burp is nowBurp Suite , which is the centerpiece of a inauguration called — playing on the imbibing melodic theme — PortSwigger . It has more than 20,000 organizations as customers across 170 countries , with 80,000 person and “ well over ” 1,000 enterprise and organizations using itspaid go-ahead variation . ( The enterprises let in Microsoft , Amazon , FedEx , Salesforce and more . ) Another operation under the PortSwigger umbrella , an educational platform calledWeb Security Academy , has more than 1 million users . And yes , there are now dozens more employee besides Daf .
PortSwigger , at 17 years erstwhile , has been bootstrapped and profitable from the commencement . Now , for the first time , Daf has decided to take on a substantial outside investment of $ 112 million to take the troupe to the next level . Brighton Park Capital from the U.S. is the sole investor .
Join us at TechCrunch Sessions: AI
Exhibit at TechCrunch Sessions: AI
“ We need more expertness to achieve our dream , ” Daf say in an interview . “ The marketplace is set out bigger and more complicated and our customer ’ need are getting handsome . ”
“ But capital was n’t the liberal driver since we are cash - flow positive , and we had our choice of firms to work with , ” he continued . That inbound interest add up not just from investors but potential acquirers .
The company owes some of its success to Daf ’s own report and mild accessibility .
( “ fuck off an email from Daffyd Stuttard@portswiggertoday in answer to a question about burp extender , ” someonenoted once on Twitter , now know as X. “ Kinda feel like god just send me an eml . ”
But its acclivity also comes at the same clock time that cybersecurity has take on a much bigger profile .
There are a number of point solution provided by trafficker across a vast , complex and rapidly evolving security landscape — a landscape that has been formed out of the fact that security breaches and vulnerabilities are rising atrecord ratesand make more hurt than ever before , not least because of the injection of AI into the equation — and that has led to the initiation of yet more applications and approaches to tackle that .
But one constant in that mixture has been the role of somebody with deep area expertness : ethical hack and human examiner continue to make for a major purpose in how problems get identified and fix .
But these individuals ask assistance and tooling , and that is where a company like PortSwigger comes in .
There are others like HackerOne and Bugcrowd that have aimed to productize the function of item-by-item white hat hackers in security operations . Daf notes that these are not rival to PortSwigger : they partner and his startup provide tooling to those platform and others like them , which in turn get used by their users .
Longer terminal figure , it will be interesting to see what impingement New technologies and architectures will have on the role of individuals in tackling and solving security department problems .
Although you might assume that a newer innovation like AI might present a scourge in that regard , that is not the case , at least for now . Daf remark that there are a number of repetitious legal action that penetration testers might do that can be meliorate with automation .
Its sole investor agrees .
“ We believe that despite mechanization , pen examiner are still going to be required , ” Tim Drager , a married person at Brighton Park , articulate in an interview . “ Experts really understand . The flack surface has grown massively , and genus Apis have become prime targets , but when you couple that with the dearth of cyber professionals who have cryptical domain expertise … that ’s why you need tools to help those who know what to do be more efficient . We see this as a meridian area for growth . PortSwigger gives them tiptop powers . ”
