Over the past two years, I have had more candid conversations with security founders about what they actually need from investors than I had in the years before joining Stroom. Not because founders were less forthcoming earlier, but because the kinds of founders we meet at Fund III stage are increasingly discerning: they have spoken with enough investors to have formed views about the specific value each one provides, and they ask pointed questions during the diligence process. These conversations have been useful in sharpening how we describe what we offer — and honestly, in identifying gaps between what we say we offer and what we consistently deliver.
The thing security founders value most consistently, and talk about least in public, is technical credibility in the diligence conversation. Not technical competence in evaluating their business model — every investor claims that — but the specific depth to engage with the technical differentiation of what they have built. A founder who has spent three years developing a novel approach to kernel-level behavioural detection for endpoints does not want to spend the diligence meeting educating their potential investor on what an eBPF program is and why it matters. They want a conversation with someone who already knows what eBPF is, can ask informed questions about the specific tradeoffs in their implementation, and can contribute observations from their own experience with detection engineering in production environments. That conversation produces a different kind of relationship than one where the investor is learning the domain from the founder throughout diligence.
The second most valued thing, and the one that generates the most frustration when investors do not deliver on it, is access to genuine enterprise buyer introductions. Not warm warm intros to the CISO of a company the partner sat next to at a conference; access to a buyer who has a problem the founder's product actually addresses, is at the stage of their security programme where they are evaluating solutions in the relevant category, and who takes the introduction seriously because it comes from a trusted source. Building this network requires sustained engagement with enterprise security programmes over many years — being the investor that CISOs and security architects call when they are thinking through a vendor decision, not just when a portfolio company needs a reference. We have built parts of this network through our own operator backgrounds and through the portfolio's customer relationships, but it remains one of the areas where we are most consistently asked to improve.
There is a category of value that security founders want but that they do not always ask for directly: help navigating the compliance and regulatory dimensions of their go-to-market. European security startups selling into regulated sectors — financial services, healthcare, critical infrastructure — encounter procurement requirements that non-domain investors are poorly positioned to help with. A financial services CIO asking whether a security platform vendor is prepared for DORA third-party ICT risk management requirements, or a healthcare organisation asking about NIS2 essential entity obligations for their own operations, is asking questions that the vendor needs to answer credibly. Founders who have not worked in regulated environments themselves can struggle to understand what these questions actually mean and how to position their product's capabilities in terms that address them. We add specific value here because Willem's background in enterprise security and Martijn's experience in financial services security consulting means we have been in rooms where these conversations happen, on both sides of the table.
The honest counterpoint is that founders should also understand what security-focused investors are not well positioned to provide. We are not the right source of introductions to US enterprise buyers at scale — that is a later-stage capability that comes with larger, more US-connected growth funds. We are not the right board members for the product management and go-to-market scaling challenges that arise after Series B, when the company needs operators who have scaled SaaS sales organisations from ten to a hundred salespeople. Our value is concentrated in the seed to early Series A phase, where technical credibility, European regulated market access, and a security-specific founder network matter most. Founders who are choosing an investor should be calibrating against where they are now, not just where they hope to be in five years.