I'm building 12 (cybersecurity) startups in 12 months

I'm building 12 (cybersecurity) startups in 12 months

Earlier this year, I felt stuck in my job at a large tech company, so I quit. After eight years as a software engineer, I knew two things: 1) I wanted to work on cybersecurity problems, and 2) I wanted to build apps.

I’d been interested in cybersecurity ever since the Cambridge Analytica scandal in 2018 when I discovered that Facebook advertisers had free access to my private messages without my knowledge. Ever since then, I’ve believed that people should have the right to know where their data is and who’s using it.

In fact, I originally became a software engineer to make technology more accessible to people. But after almost a decade of solving difficult technical problems, I suddenly realized that I’d lost track of the thing I had originally set out to do.

As I considered my options this past Spring, my friend Amir texted me, “You should read this!” He sent me the blog post I'm Launching 12 Startups in 12 Months by indie developer Pieter Levels.

In the post, Levels argues that indie developers should push themselves to release “startups,” which he describes as simple apps to which you can add more features later.

Levels makes the case for building 12 startups in 12 months. His theory is that building something new every month ensures you don’t spend too much time focusing on perfection: “AirBnB started as a company selling Obama-themed cereal, while Dropbox was just Drew Houston building a graphical user interface for rsync as a side-project.” Many amazing businesses have humble beginnings as one-off apps.

Upon reading the post, I realized, This is what I want to do. Specifically, I want to build cybersecurity startups.

The cybersecurity field genuinely requires deep technical knowledge, but still, I’ve been astounded by how much the literature uses obscure industry-speak to explain simple concepts. Someone needs to demystify cybersecurity for consumers and developers, so why not me?

Thus, I’ll create and post one new cybersecurity startup each month for the next year.

Cybersecurity apps should be built for individuals, not just companies.

“Cybercrimes” are the new Regina George. Hackers have hurt so many of my friends: stolen their social security numbers, ruined credit scores, or posted personal photos online. Yet most cybersecurity protection apps are built for companies and are inaccessible to the average person.

Women are cybersecurity customers too.

You know what the average cybersecurity app looks like: dark gray background, lime green color scheme, sans serif font, and an overall aesthetic that screams, I’m a character in a David Fincher film.

Instead of a design scheme that speaks to a precocious, terminally online 12 year old, I want cybersecurity products with pink logos. Or funny, approachable emojis. Or really anything that doesn’t revolve around making the user feel secure in their masculinity.

This is the search results page of one of the most popular cybersecurity websites in the world, shodan.io. Needlessly intimidating, right?

When a hack is worldwide news, it targets women more than 50% of the time (see: Gamergate, Celebgate, and even the Sony Pictures Hack, which was most famous for leaking all of Amy Pascal’s emails). Yes, famous men get hacked too, but it isn’t the rule. It’s women who tend to be victimized by rote, everyday hacking like revenge porn.

I myself live in terror of what’s published online about me. When I first heard about the website haveibeenpwned.com, which tells you if your email address has been in any security breaches, I waited two months before having the courage to check it. Sure enough, my data had been leaked in TWELVE different breaches.

I truly believe that if haveibeenpwned.com had a less intimidating interface, and looked more like the websites I already use, then I wouldn’t have been so afraid to use it.

Especially at younger ages, women worry about their online data more than men do. Source: 2023 Global Digital Report

Interestingly, women are actually more willing to spend money on cybersecurity than men. Recent survey results show that women are more concerned about their online data being misused than men are, meaning that by subtly gendering cybersecurity design, there’s a huge market left completely untapped.

Customers are smart. They deserve to know how things work.

So many cybersecurity tools use artificial intelligence and machine learning to detect issues. These tools are amazingly powerful, but they obscure the mechanics at play. I want to build apps that explain not just the what but the how.

Apps need to prioritize looking nice on mobile devices.

I'm amazed at the number of security apps I use that look ten times better on desktops than on mobile devices. You know what I mean: huge fonts, pictures that get cut off sideways, and spacing that looks like it’s from the original Space Jam website. Given that 60% of the world now accesses the internet on a phone, it’s time to build for mobile devices from the get-go. Especially as mobile devices increasingly prioritize transparency around user apps and privacy, which desktop computers don’t.

Mobile use has been climbing ever since mobile phones were invented. (Well, except for whatever happened in 2018.) Source: 2023 Global Digital Report

Finally, your operating system shouldn’t matter at all— apps should be built for the browser.

Your data deserves to be protected no matter which operating system you’re using. With cybersecurity software, there’s usually one tool for Windows, and one for Linux. Coming from a background in building database software, which has slowly but surely moved to a browser-based model, it surprises me that cybersecurity apps are rarely developed for the browser. You know, that thing we invented in the 1990s?

Since browsers are built to run on any operating system, any app built for the browser gets operating system compatibility for free.

Ready, Set, Go.

I want to build products that speak to a broader audience: that appeal to all genders, work in the browser, and look good on mobile devices. If Webflow can make designing a website easy and intuitive for someone with no coding background, my apps should be able to do the same for cybersecurity products. Can't be that hard, right?

And with that, we're off! See you at app #1!

My progress report

#1: Is This Phishy

Read my recap here.

I made a friendly email address to which you can forward sketchy emails (for free) and it tells you whether the email is a phishing scam 🎣📩. Check it out on Product Hunt.

#2: My Startup Incubator

Read my recap here.

This startup was an incubator for all of my nascent product ideas.

#3: Too Phishy

Read my recap here.

Harnessing cutting-edge technology, Too Phishy performs real-time analysis of attachments and sender information so that your online security is never compromised. Check it out on Product Hunt.

#4: Starting Over/Becoming a Software Engineer Contractor

Read the whole story here.

See my new Linkedin title.

#5: Oh yeah, I also made a personal website.

Check it out here.