Founder Stories: Oliver Sild, WebARX

Interviewed by Kadri Barclay

Oliver is one of those inspiring people who, by some magic, seems to have more hours in his week than the rest of us. He’s running a coworking center, organizing hacker competitions, and building a scaling startup in cybersecurity. In a few years, he’s come further than many do in decades. How? “I have absolutely no fear of failing!” That’s how.

What does WebARX do?

WebARX helps web developers to protect and monitor websites.

How was the idea of WebARX born?

Back in 2012, we started out as a web development agency. We were building pages for various platforms, platforms we actually ended up monitoring and safeguarding years later, with the product we have today.

In 2015, we first thought about creating something and ended up in a sort of an accelerator in the Czech Republic. It wasn’t very good. Back then we didn’t even realize we were a startup. Despite everything, we attracted a crazy hype that soon took fantastic scopes. We barely had a prototype but media already claimed that we had developed AI, artificial intelligence.

We owned the hype and even started to believe in it ourselves, in the imagined success. Even the Czech accelerator had taught us to sell first and it doesn’t matter whether you can deliver.

It’s easy to believe in your own hype. Everyone’s proud of your so-called achievements, they praise you and talk about you. It’s great. But the risk of starting to believe it yourself is way too real.

The whole thing backfired when the cybersecurity community started to shower us with criticism.

What was your solution to this backfire?

The field we are in is a serious matter, and the professionals working in it have a huge responsibility. So I took a step back, analyzed the situation, and sort of went undercover.

We also parted ways with the other co-founders. They wanted to stay in the web development and I wanted to dive into cybersecurity. In 2016, I joined Tehnopol [a startup incubator in Estonia] to focus on research and didn’t talk to media for over a year. I took a conscious decision to put my attention into WebARX and make it work.

When did the actual success start?

Lots got done in 2017. Besides focusing on the product, I started to build up the team again, and found the first co-founder. End of the year, we joined a cybersecurity accelerator in London, that one was the real deal, a serious business! We basically started building the product from scratch and became part of a great network to leverage it from.

In mid-2018, we officially launched the new version of WebARX. We used the same approach as Pipedrive did when they came to the market - through AppSumo. In the first two weeks, we sold more than $200,000 worth of licenses, mostly to agencies.

Due to various fees of this service, we only saw about 30% of this money, but we also managed to get a large number of users into our product straight away. That’s a big win - the more customers we had, the faster we could develop the product because of all the data and feedback.

End of last year, we raised money to grow further. I had some hiccups on that journey, but luckily stumbled upon F2F app and met Ragnar Sass there. That’s a whole other story, but in short, he really took the time to help me close the round in a smart way and built up half the syndicate from his own network. The news of this round officially came out just two weeks ago. We’ve come a long way in less than a year.

How has the product changed over the years?

It has changed a lot. At first, we notified the website owners of threats and wanted to help them fix things. After automating this process, we saw how difficult it is to explain these issues to web page owners. They had trouble understanding why is their web page under any kind of attack in the first place.

So we started to target the developers, especially agencies who create pages as a service. They understand the technical side, and it’s important for them that their pages are protected and monitored.

It’s a very technical product in a very complicated market, it’s important to keep on building a more and more precise tool to survive in this environment and stay ahead. We are still in an early phase but we have now found the product/market fit. The next goal is to expand this to new channels and new communities.

Any tips for founders still struggling to find the PMF?

Talk to your users, a lot! The community side really works for us. We have a Facebook page with 500+ companies/developers who actively think along and help us improve. We have Intercom set up on our page. We are doing webinars. Our target group is especially active in Reddit and that’s also where we found our CTO.

It’s important for the CEO to go out there and communicate. Marketing and sales people will not be received as well as the CEO. But always remember why you are there. We started creating our online community so we could get better feedback on building more useful features. We are sending out the message that “Hey, we are building this product for YOU. Let us know what is missing in your work and how can we help.”

If you pay attention to the people who respond and gather up, it will create a wave, and people will start to believe that thanks to them something will actually change. They will WANT to be a part of this community. Among them are our biggest brand ambassadors, including youtubers and podcasters.

In cybersecurity, you can’t simply say you are the best. You have to show it, time over time, because cybersecurity is a process. It’s not something you can buy in a jar and apply. What we can do, and what WebARX does, is to help control the process and better navigate the risks it involves. Our best exposure has come through real-time research that we have published in our blog - the results of these findings pretty much spread on their own.

What’s your next big milestone?

For the last two months, our revenue has been going up. We have 3000 paying users and 100 new sign-ups every month. Now we plan to expand and tap into new online communities.

We’re also about to launch a “bug bounty” platform where hackers can sign up to find weak spots on open-source components that are used widely by developers. The format means that page and product owners will invite the community of hackers to break in, and will pay them if they succeed.

These kind of platforms are a global trend. I expect the movement it to transform the field. Companies don’t really need a full-time specialist so there are lots of digital nomads in cybersecurity because it’s so easy for them to freelance. Our platform has 1000 hackers signed up even before the launch.

What’s most important about running a team?

Communication is crucial. We are a fully online company so we rarely see each other in person. A distributed team makes hiring easier. We couldn’t do what we’re doing based only in Estonia. Experts in our field are being sought after in the entire world.

There are currently 5 of us and we all participate in all the meetings. The video calls are about an hour long and happen almost every day. Fridays are dedicated to retros and more casual chats. We have a slack bot set up for daily stand-ups so we know what someone’s up to on the go.

About twice a year we get together. Those gatherings are 80% teambuilding and fun, and 20% work topics such as mission and vision. We just recently got back from a week in Spain where we went Kayaking, for example. Over the last two years of building our team, I’ve learned that face-to-face time is important but that in itself will not make the team succeed. People want to have the freedom to decide over their environment and when and how they work. It’s a great motivator and actually makes people more productive.

Motivation and good communication skills are the most important qualities of a new hire because this is how we can see how fast somebody can learn. Lacking a skill can always be fixed, even if it takes 6 months, and this is how you get a strong teammate. It all begins with motivation. Having the thrive to break some standards is also a common nominator in our team, as most of us have more or less ambitious side-projects.

What’s your strength as a founder?

I dare to try new things and I have absolutely no fear of failing. It may not be the best way but it works. I always see value in failures. It’s a sort of a stand against the success culture that’s so dominant in Estonia - the popular understanding is kinda like “He woke up one morning and became successful.” It leaves the wrong impression of startup processes and of the importance of learning by doing.

I’m great at communicating my vision. I have enough technical background to know what we are building and I’m in the role of the product owner myself. This combination is great for keeping the vision and product development aligned.

I’m also a generalist. I know things but I’m not involved in depths. I like having a broad overview of everything and then connecting the dots. This is how the idea for the bug bounty platform was born. And how I became involved with the cybersecurity competition in Estonia, Capture the Flag.

I think it’s important for everyone to understand how they work and what makes them move.

What do you do on your time off?

I don’t really have much time off. I do what I enjoy doing, and have created a job out of it. When it comes to WebARX, I don’t feel as if I’m working every day.

Many projects get started out of other projects. When we needed office space in Pärnu [a city in Estonia with a population of 40 000 people] we didn’t want to rent. So we got organized with some others and created a coworking space, Forwardspace. Dealing with the launch of this space gave me room to think about WebARX, observe it from a different perspective. It was good to paint the walls, and contemplate…

Having a coworking space around me also helps me to better understand the concept of a community, and to develop myself, to keep taking on new challenges.

What inspires you?

Freedom to do the things you want to do. I have a strong sense of mission and that’s why I’ve dedicated 90% of my time to bringing my dreams and ideas to life.

When I first started out as a single founder, I had zero funding, no salary, and ate noodles for a year. I’m the kind of person that when I want to do something, I go full on and dive in completely. The vision itself, in my head, is a great motivator, and the ideas about how to bring it to life fuel me. I love getting involved with whatever “speaks” to me but keeping focus is crucial, not to get lost in the process.