Podcast Announcer

Welcome to the SaaS podcast.

Omer Khan

I'm your host, Omer Khan.

Podcast Announcer

AI has changed the playbook for building and growing SaaS.

Omer Khan

Every week I talk to founders who are writing the new one.

Podcast Announcer

My guest today is Girish Redikar, who

Omer Khan

built and sold his first SaaS, then grew his second to eight figures in ARR with over 3,000 customers.

Podcast Announcer

But the first time around, he spent

Omer Khan

years building products that nobody wanted. He didn't even know how to code, so he taught himself when he was 28 years old because he couldn't afford

Podcast Announcer

to hire a developer.

Omer Khan

Then for his second company, he picked

Podcast Announcer

the most boring space he could find.

Omer Khan

Compliance.

Podcast Announcer

In this interview, Girish breaks down why

Omer Khan

he walked away from a profitable business that he'd bootstrapped for years, and how

Podcast Announcer

AI is creating problems that didn't exist 18 months ago, which is driving a

Omer Khan

whole new wave of demand for better solutions.

Podcast Announcer

I talked to a lot of founders stuck in the same spot. They've got a clear vision. They just need the right team to build or scale it. That's where Gearhart comes in. They're an AI powered product development studio that handles the entire technical side of building your B2B SaaS platform or AI agent. Built by serial entrepreneurs, they understand the unique challenges of startups and can plug into your team to accelerate growth. This They've built over 70 successful products, including SmartSuite, which raised $38 million and is used by companies like Capital One. Right now, they're offering our listeners the first 20 hours of development for free. Just book a call at Gearhart IO. That's Gearheart IO. If you're building or investing in a SaaS company, you already know security isn't optional. One breach and everything you've built can be at risk. That's where ThreatLocker comes in. Imagine having the power to decide exactly what's allowed to run in your environment and blocking everything else by default. No guessing, no hoping your existing solutions catch it. Real Enforceable Control Threatlocker is a 0 trust platform that locks down your environment without disrupting operations, gives you total visibility, and stops unauthorized applications before they become a problem. If you want stronger security and tighter control, visit threatlocker.com that's threatlocker.com Right now, there's a number hiding in your SaaS metrics. The exact point where your growth will stall. You can change it, but first you have to see it.

Omer Khan

It's simple math. When your churn catches up to your new revenue, you stop growing. You're running just to stand still.

Podcast Announcer

I've built a free calculator that shows

Omer Khan

you exactly where your ceiling is and

Podcast Announcer

the fastest way to break through it. Find your ceiling at Sasclub IO. That's Sasclub IO calculator.

Omer Khan

All right, Girish, welcome to the show.

Girish Redikar

Thanks. Thanks for having me, Olmer.

Omer Khan

It's my pleasure. So, for people who aren't familiar, tell us, like, what does Sprinto do? What you know, who's it for and what's the main problem you're helping to solve?

Girish Redikar

Sure. So Sprinto is an autonomous trust platform. And to explain what that does, every business today depends on dozens or more of other businesses to operate themselves. Cloud providers, SaaS, tools, payment systems, you name it. And that creates a massive network of a digital trail. And that's growing every as we speak, especially with AI. And on top of the digital trail, you have now have growing security threats, regulations, privacy rules, and so on and so forth. So companies need to prove that they are taking the right precautions to protect that data. They have the right safeguards in place in and Sprinter's job fundamentally is to help companies build that trust with their stakeholders and drive confidence around their program, whether it's with customers, with partners, with regulators, and to be able to do that autonomously. That's a goal we have set for

Omer Khan

ourselves and give us a sense of the size of the business. Where are you in terms of revenue, customers, size of team?

Girish Redikar

So Sprinto's had about four and a half, five years under the sun. We are today. We serve more than 3,000 customers across 70 countries. We are about eight figures in ARR. Yeah, so. And we are about 350 people, all remote.

Omer Khan

Awesome. And I think you've raised about 30, 32 million so far.

Girish Redikar

Yes.

Omer Khan

Great. So let's talk about your previous startup before you started Sprinter, which is called Recruiterbox. And this was a business that I think you got to several million in ARR and then sold it. But it was a bootstrap business. And also from what I understand, you and your co founder spent some time trying a whole bunch of different ideas that went nowhere before Recruiterbox took off. So maybe let's start there. Like, what were some of the ideas that you were working on? Trying to get some traction with, but not really seeing anything happening.

Girish Redikar

Oh, wow. That's a bit of a blast from the past. But honestly, when we started working on our first startup, my co founder and I, we didn't know much about what it meant to build a software company or what it meant to be building any business of any sort. We really had no background in any of that. I mean, among other things, you know, we had to teach ourselves programming because we just couldn't hire programmers. Right. So it was literally like, you know, we had to teach ourselves doing that. And I think the first few products that we built, so the general idea was we were very interested in recruiting as a space and we had seen some of those problems, you know, ourselves as we were trying to recruit for our employers that we were working for before that. And I think the first idea that we tried was what we today have like indeed.com basically like a search engine for jobs. And we sort of felt like it was that we live in a world where if it doesn't exist on Google, you can safely assume it doesn't exist. But that wasn't true. For job related information you could never be sure that you have done an exhaustive search of what kind of jobs exist out and what opportunities exist out there for me and be able to make sure that hey, I've sort of applied and at least given a shock to each of them. I thought that was somewhat, that was sort of deeply didn't sit right with us. In an age of information, that's one of the most important decisions that you make as a person. And not being able to be able to do that exhaustively was something that was a little, it was really off for us. And that was one of the first problems that we, we started working on. And it was during the course of doing that that we realized that hey, the fundamental problem is not about scraping technology and that you don't have like all the jobs in one place to make them searchable is that a lot of the jobs don't have a digital footprint at all. So they exist inside of some private communication which is basically maybe like a company and it's a recruiter. They're just on an email on some private board somewhere which like a agent sor a search engine will never be able to reach. So only about 30% of the jobs really have like a public digital footprint. The remaining 70% are just somewhere else. And we realized that hey, even if you could build the best technology to do this, it wasn't going to be extremely useful. So then we tried a bunch of other things. I think one of the things that we built back in the day, which today is relatively trivial with AI was basically being able to match people and their resumes and their backgrounds to job descriptions as well. And it was done based on the state of art AI at that time of time, at that Point of time of machine learning, and that didn't go anywhere either. As a business, I think the tech worked really well, but we weren't able to do much about it with a business. And then we eventually basically built Recruiter Box, which was quite simply think of it as a CRM for hiring. It keeps track of all the activities that you need to do about hiring, make sure it's in one place and in one of the other ways. Like, our goal with that was that if enough companies use this, there'll be a public footprint of all the jobs that they hire. That's an outcome that happens, and that was one of the original problems we wanted to solve.

Omer Khan

So from what I Understand, you spent two or three years trying different ideas before you landed on RecruiterBox, and they didn't really go anywhere. So I'm curious, what kept you guys going and continuously trying different things during that time?

Girish Redikar

It was hard both financially as well as just, you know, to just keep going mentally about and, you know, depending on how things turn out, you could like, one way to look at it is there was stubbornness, a certain degree of that, but if you come out right from it, then it looks like, hey, there was determination. Like, I don't know how to characterize that, but, you know, we always sort of felt like we were take that one step away from what it actually means to do something that worked. And it was kind of good to have a co founder and you could sort of feed off each other's energy. There are times when somebody is low, but the other person sort of drags us through. And that was happening a little bit as well. It did help to have family support as well. I think that was extremely important as well. So, yeah, I think all of these things came together to shore us up for this couple of years where we really had nothing to show for it, to be honest.

Omer Khan

Yeah, I think sometimes it's easy when people hear a story like this and say, oh, you know, Girish and his co founders, they bootstrapped and they, you know, seven figures ARR. And they sold this thing to not really appreciate some of the struggles that you have to go through to get there when things aren't working, when you don't have all the funding, when you don't have enough money to hire people and you have to learn how to write code yourself, and all of these things that are all sort of part of the journey. How long did it take once you landed on the idea of Recruiter Box? How long did it take before you guys felt like this is the one,

Podcast Announcer

this is the thing.

Omer Khan

And what were some of the signs told you that.

Girish Redikar

So I think the first version of recruiter box was basically pre stripe. It was a few months before stripe happened. And I remember that distinctly because we just didn't have like a way for us to collect payments. And it was happening that we were selling remotely. It was something that you could sign up for and then start using it. It was like a self serve motion. And we realized that we basically cobbled together like this really, really caveman technology sort of thing where all you really did is as a customer. If you liked RecruiterWorks and you wanted to pay for it, we'd give you like a PayPal link. You go there, you swipe your card and depending on how much you paid there, we would add a certain number of credits in recruiter box and they would basically get deducted on like a daily basis. And eventually you ran out and then you basically had to go and swipe your card again in PayPal. It was really bad. But what really surprised us was how many customers actually went ahead and did that. And that sort of told us that hey, we're doing this in such a bad manner and yet people are taking that pain in order to actually go and do that. That means what we are building is it's valuable at least for these set of customers. They appreciate what we are doing and that means something. And then that was one of the early signs where how much just pain that our early customers went through just to be able to use us. And I think that was very encouraging for me personally that hey, this has legs, it can go far.

Omer Khan

Yeah, I've heard that a few times. And I think this thing about if your early customers are willing to jump through those kinds of hoops to get the task done, you're definitely onto something versus you know, you're having to basically spoon feed them every step of the way and persuade them to even show any interest and so on. How, how far did you get the business? I mean I know we said you know, seven figures in ARR, but have you talked about publicly about the number, how much, how much you'd got to in terms of revenue when you sold the business?

Girish Redikar

Yeah, that's unfortunately one number I'm not at the luxury of sharing because that was part of my contract. But we were than 2,500 customers. So still single digit arrs but a large number of customers and we were acquiring at the time more than 100 customers a month. So it was a fast growing business. As such.

Omer Khan

So we'll just say it was somewhere between 1 and 10 million in ARR when you sold it, just to keep it broad.

Podcast Announcer

The.

Omer Khan

The one thought I had was you went through that struggle. You built this business. You've got to the point where you've got some decent traction, some revenue. You don't have investor pressure. What drove you to sell the business versus saying let's keep working on this for a few more years?

Girish Redikar

I think the simplest way to say that is it got a little too comfortable and, you know, the business was growing, it was doing well. We were trying to make the business grow a little, grow faster or much faster than what it would like. We would have liked it to be like we had a few thousands of customers. But remember the background that I gave, like, we really wanted this to become like the de facto way of, you know, people hiring. And we didn't see a path from where we were to where we needed to be in order to be that. It was a great business in its own right, but it wasn't anywhere close to what our ambitions with that were. And at some point we had to ask ourselves, like the hard question, maybe we as founders of the bottlenecked to the business, not the other way around. And we eventually found a buyer who we believe could actually scale the business a lot better than. Than we could, because they actually had done that a bunch of times with a bunch of other businesses like ours. So I thought that was, you know, at some point, as much as we think of startups as our babies, it's important to sort of, you know, have its own life, and it's important to do what's right for the business rather than what's right for you individually. And I think it was a combination of two things. Like, it was going great, it was relatively comfortable. We weren't quite challenging ourselves. The business wasn't growing faster than what it could and it should. So at that point we decided that, hey, it's best in someone else's hands who can actually grow it faster, do what's right by them. And we believe ourselves as well. We had another startup in us and we wanted to actually do a larger, faster growing business. And for whatever reason, RecruiterBox wasn't turning out to be that.

Omer Khan

So after you sold RecruiterBox, I think it was a year or a year and a half after that that you founded Sprinter. Where did the idea come from?

Girish Redikar

So this wasn't the only idea that we had on the table. There were a bunch of them, but one of the Things that, that happened during the course of growing recruiterbox and especially as we are trying to get take it more and more upmarket to larger and larger customers. We kept getting asked for these things like a SOC2 certificate, sorry, a SOC2 reporter, ISO certificate, bunch of security questionnaires. And again, as an engineer, this sort of fell into my lap. I had a front row seat to what these meant and why they were required. We did the usual thing that founders would do in that situation, which was kick the can down the road as much as we could. At some point realized that we can' do that more. Then we hired a consultant to help us go through that process. A few months and tens of thousands of dollars later, you know, we got what we wanted. But you know, it wasn't exactly what I would call like a great experience. We were sort of grudgingly doing it. And that's not to say that that idea to do something about it came at that point of time. But you know, in that after we sold the company and we were thinking about what to do next, that was one of the experiences that stayed with us. And I, you know, it was I like this sort of this intersection of a Venn diagram where a problem is unsexy and boring, that nobody wants to touch it with a ten foot pole, but at the same time it's valuable. And this sort of felt like that. But you know, to be honest, like this was one of the three or four problems that we had on the table. And I know we spoke a little bit earlier about this book called the Mom Test. And I came about that book, by the way, during this break and it had a big influence on me fundamentally because it was written by a person who is basically a software engineer and about how to go about really knowing whether what you're building is valuable and useful. And I told myself and I and my co founder told ourselves that hey, we're not going to write a line of code until we can validate what we are building is valuable and did the most uncomfortable thing that was for us to do, which was go talk to people, figure out and validate something that we didn't have yet and figure out whether it was worth building.

Omer Khan

So were you trying to validate multiple ideas at the same time, one at a time?

Girish Redikar

Yeah, it was one at a time. Wish to give it like a few weeks, just build a few mock ups for us to understand what it might look and feel like or maybe even to show to other people, but more importantly just having conversations around it. But we Used to immerse ourselves into an idea for a week or so. Not necessarily make a decision about it, but spend some time on it, then move on to the next one, and then eventually make a decision.

Omer Khan

Yeah, you know, I think it's really interesting that often I talk to founders who start out and they have built something or they feel invested in a product or an mvp. So when they go and talk to customers, they're trying to get validation confirmation for what they've built. But once you don't do that and you go in very intentionally and say, I'm not going to build. I'm not going to write any code until we validated it, it's a little different because then you're like, almost. It's almost like you're saying, can this person convince me that it's worth my time and effort to go and build something? And so when you start having these conversations, what did you start seeing? Like, what told you that this is the thing that we should focus on?

Girish Redikar

Again, I. I wish it was something that was like, black and white and there was like, you know, like a clear sign that, hey, we know that this is absolutely important and useful to. But I think there's a certain degree of uncertainty still there. And as much as I'd like to claim that there was a, you know, there was like a wall of evidence to say that, hey, this would actually work, I think beyond the point. I just. It is intuition. Having said that, the process of actually just having talked to about 20 people and just hearing them, how they describe the problem, et cetera, sort of crystallizes the thing in your head about what is it that you're really building, what part of it probably needs to be built first? And this is happening just implicitly. You don't necessarily have to think about it explicitly. What do they care about more than the other things, and why would they pay for it? And how urgent is that pain or how important important is that page? You start getting like a mental compass for some of these things. I wouldn't say that. For example, one of the ideas that the other ideas that we were pretty excited about that we eventually didn't end up building was basically a WordPress competitor. And I think one of the things that we realized that, hey, this is a great idea and we should probably build it, but we are not the right people to build that. So it's not just about that as well. Like, in the sense that we realized that building something like that would require a lot of developer evangelism, and we're not the best people to build something like that. So you realize some of those things as well. So you just start thinking a little bit deeper about the problem space than you would if you just started building, which is, what does it take to take this product to market? Are you the right. There's not just product market fit, there's a founder product fit as well that needs to happen. And you sort of live through the cycles in your head.

Omer Khan

Yeah, I can almost see that Venn diagram that you're talking about with this other circle now, which is, is this the right thing for us? Is this something that we're good at? And if not, then let's be honest about that, because you don't want to spend 5, 10 years on something that just doesn't feel like right to you. I know that. So how many of these interviews did

Podcast Announcer

you do

Omer Khan

before you. You kind of felt like, yeah, we can move to the next state stage.

Girish Redikar

For Sprinto, we did about somewhere between 15 and 20 interviews. Conversations.

Podcast Announcer

If you're building a SaaS product or an AI agent, there's a good chance you're about to spend weeks and thousands of dollars on the basics. Things like AWS setup, authentication, admin panels, dashboards. Gearhart built something called the basement platform that covers around 80% of the foundational needs out of the box. That alone can save you 5 to 10k in development costs and get you to market way faster. One of the products they help build is SmartSuite, which raised $38 million and is used by companies like Capital One. They only take on a handful of new projects each month, but right now they're offering our listeners the first 20 hours of development for free. Book a call at Gearheart IO. That's Gearheart IO. Building a SaaS company from the ground up is tough. Protecting your data and securing your environment shouldn't be. With ThreatLocker, you can deploy application control in days to weeks, not months to years, and enable your IT team to decide exactly what's allowed to run and deny everything else by default, lock down your environment without disrupting operations and operate with confidence. No guesswork, no reactive solutions, just true proactive control. ThreatLocker is a zero trust platform that mitigates the risk of downtime, reputational damage and cyber attacks, including ransomware and zero day exploits. If you want stronger security and tighter

Omer Khan

control, visit threatlocker.com that's threatlocker.com and I think I read somewhere that you said that, you know, like, the hardest part wasn't for Sprinter, wasn't Finding customers. It was like turning basically a consulting service into a product. And I know you guys spent a lot of time deconstructing that, almost reverse engineering this consulting service and breaking it down into its constituent parts and figuring out how to productize that. How long did you spend on that? And can you just kind of walk us through, like, how you did that? Because when I kind of came across that, I was like, that sounds like a lot of work that most people wouldn't be willing to do. And I think just kind of understanding why you did that and how you did that would be super helpful for a lot of founders.

Girish Redikar

So there were a bunch of factors that led us to do that. Like, the prevailing wisdom at the time is that, hey, as when you know you're building, just build. Put like the MVP and the smallest version of the product out there as soon as possible and start getting customers for it. And I was born and raised in that school of thought. But there was something about a space where we made like a counterintuitive jump that we're going to go about it a little differently. And here was the fundamental issue that we had with the space at the time. We realized that us in RecruiterBox when we had gone about this problem, that the standard way to go about it is you basically hire like a consultant and it's like a services model of getting it done. And what we're fundamentally saying is that, hey, this can be productized, right? And what we were very clear from the get go is that we didn't want to build a services company. We really want to build a product company. And I thought one of the riskiest things for us was that if this turns out to be something that's part product and part service, and the service component is significant and really important, and you won't be able to productize it enough. And while it might be still a valuable offering, the company you're building is a very different one. And we want it for our own sake to basically eliminate that risk. We were pretty sure that what we were building was valuable, sure, to the extent that a founder can be before you take it to market. But we were reasonably confident that this problem exists and people need this. What we weren't sure was that whether it can actually be productized. And I remember at the time we had this mental model of the sort that, hey, if you're building a startup, you can think about it in two axes. You know, one is, are you solving? Basically, do you have a product risk or do you have a market? Risk over there. And what I mean by that is a product risk is a class of problems where the fundamental question you're asking is can this be built? Not whether it can be, whether it be valuable or can it be taken to market. Because if it can be built, you know, we're pretty sure you can market it. A good example of that in today's world would be something like a self driving car. If somebody did build a self driving car, I think it's pretty clear that you can take it to market. So that's not where the risk lies. Or if you build a machine that just transports people from one place to the other, if that were possible, that's a product problem, that there's a large product risk over there, there's not a market risk over there. And I'm giving you extremes just to explain the edges of the diagram. And there is another place where you have market risk in the sense that the product, building the product is relatively easy or simple. What you're really worrying about as a company is like questions about how do you take it to market? And you're packing yourself, you know, backing your skill at being able to do that. Like you're basically like a great GTM team that can take it to market. And most companies lie somewhere on this graph. And we realized what we were building was basically towards this line, which was there were higher product risk than market risk and we wanted to eliminate that. And so the thing that we did that was counterintuitive at the time is that we said that, hey, the most important stakeholder in this equation who's not very clear yet is an auditor. Eventually it's an auditor who has to give you the software report, the ISO certificate, et cetera. And we need to understand how they look at this and what do they need in order to basically be able to prioritize this. And so our favorite pastime at the time was we used to just go to auditors and say that, hey, we want to soc to report auditors. And they would do that. That's revenue for them. And we were building the product as we were sort of of going through these audits. So we were sort of. The first audit was entirely manual. The second one we had some spreadsheets, et cetera in place. The third one was we had some product in place and it was all happening behind the scenes. The auditors never got to see it. But by the time we were on our 10th audit or so, we had it pad down like we knew what we were building. So that had that because now, by the time we actually went to our first beta customer, we had a lot of confidence to say that, hey, we know exactly what auditors look for, because we have done that many times. We were for.

Omer Khan

So when I, when I initially thought about you productizing this, I imagined it as you going out, interviewing people, seeing how they were doing the job and then figuring out how to build a product. But you are actually paying auditors to come and have you audited over and over and over again until you felt like we understand this well enough and we have enough pieces of the product in place to be able to sell it. Yes, you must really love audits.

Girish Redikar

Like I said, the boring, unsexy problems that nobody wants to touch, you know, because that was like the, that's basically where the rubber hits the road. It's not fun, everybody hates it, but that's basically the trial by fire. Right? Like you need to get that piece right. And sort of the mental concept we had is, was if everything that we are doing in Sprinto is a black box and the only thing that comes out of it is what an auditor sees, how much of that black box is automated underneath. That's really our test. The auditors just need what they need and they are not going to change themselves just because you're doing it in a product based manner or you're doing it in a services based manner. They don't care.

Omer Khan

Now, as I understand with Recruiter Box, it took a long time to get traction there. But with, with Sprinto you landed what, 30, 40 customers very quickly within months of, of launching. And you know, some big names like I think HP was, was one of, one of your customers. What did you do differently that helped you get that type of traction that quickly with Sprinter?

Girish Redikar

So I basically have a mental model now of how to take products to market. And I think, you know, there's a, like, I have an engineer's view of this. This is not necessarily like a savvy marketeer or a GTM person's view. And I feel like there are fundamentally two categories of product when it comes to gtm. One is where you are, what I call, what you're really doing is harvesting demand. So you sort of in a space where the demand for what you're building already exists and your job is to be able to harvest it. So which means that you need to be at the places where people look for something whenever they have this problem. Right. So most products we know sort of fall into that category sometimes. And increasingly with AI you have sort of categories of product where people are not explicitly looking for it, but if you were in front of them and they realized that, hey, there was a way of actually doing this, they'd be willing to try it. But they're not going out looking for an answer to hey, how can I entertain myself better with short form videos? Let's say that's not a question anybody asked, but if I came across it, I tried it, I loved it, that looks great, right? Or anything of that. So there's a category of problems of things along that axis. So I think fundamentally it's important for a starter to realize which of these two things do you rely on? And we were squarely on a place where, you know, there was, there was demand for this. People were talking about this in founder groups, they were asking this to the investors, they were, you know, and they were reaching out to some consultants, they were googling for this and all sorts of things were happening. And we realized that, okay, there was a problem, people faced this problem, they went about asking certain people or systems like Google and that's what they would basically do. So our job became then to be present at the places where people looked for answers about this, right? So the standard answers we actually made ourselves present on a bunch of these founder networks, communications, there are slack groups, there are WhatsApp groups, there are various kinds of places where founders hang out, ask questions about whatever's going on in there, like, hey, do you know this vendor? Or you know, what do you do about I need some legal help on this contract and everything else. And compliance used to come up once in a while over there. So we make sure we got ourselves injected over there. They stress the VCs. So what we did was we got ourselves injected into the perks program of a bunch of VCs and we started giving discounts to startups if they were affiliated with the vc. And that helped us get some of our early customers as well. Google helped. The fact is, if you're a CTO in a young startup and you get a security questionnaire on your desk and say you need to answer this or today you would chatgpt it. By the time you would basically go to Google and say, hey, what the hell? What do I do about this software? What do I do about ISO? So being present on Google, either by ads as well as later as in terms of SEO was an important channel for us. So it sort of started from the fact that find where people go today in order to solve this problem and then try and be present at those Places, that's what worked for us.

Omer Khan

When you and I were talking earlier, before we started recording, I asked you about how you got to the first million in ARR. And while you identified these three or four channels that help you get there, you also mentioned, hey, we tried 20 other things that didn't work. And then eventually we figured this out. And I think there's a really valuable lesson there because sometimes founders who are struggling to acquire customers might hear this and say, oh, Girish did xyz, so I should go and do xyz. But I think it's more about the process you went through of trial and error and figuring out what actually worked and what didn't work. So tell us a little bit about that. What were some of the things that you tried that didn't work and how did you kind of go through that, navigate through that to find the channels that did?

Girish Redikar

Yeah, thanks for bringing that up. This by no means meant that I had a theory and it meant that, hey, these are the three places we should try. And that's what worked for us. We tried 20 things. 17 of them didn't work. 3 did. The fact is still like, for example, something that you could intuitively think that could work. And I for a long time thought that it should be an important channel for us, especially with the young startups, was going to partners who are like advisory firms who startups would go to and try and see if we can sort of co sell with them. And for whatever reason, like on paper it makes a lot of sense, but it didn't work for us as well, at least in the early days. It started working for us a little later, but it didn't work for us in the early days. So there's a ton of such things that even by the principles that I just described, seem like they are the right things to do don't work. So I think there is still a, this is by no means a sure short way of getting an answer, but at least just a way of slowing that. Hey, these are some of the kind of things that you could try. So I remember like doing a bunch of startup conferences earlier, which again you would imagine should work, but it didn't, at least at the time it started working for us again later in a different context. And you know, maybe some of these things require you to already have a certain degree of brand or some referral before it works. So they may not necessarily work for you in the 0 to 1 journey, but they work for you in the 1 to 10 journey. And honestly, there is no playbook for that. You just have to try a few things and you only make the shots that you take. So you have to take about 20 shots to make two or three of them to work.

Omer Khan

When you tried something, how long would you spend on it typically before you decided to move on again?

Girish Redikar

I wish there was a formula to that. Honestly, there is a bit of intuition about when it doesn't work, does it completely fall flat or do you see that it's not working because of the way you are doing it right now? And maybe if you tweak a few things, it might work. So I don't think it's as much of a science, at least not to me, at least. I'm not able to sort of of pull it down to, say, the head. This is the extent to which we should try it and. And then we should sort of give up on it. But. But in other places, you see that the more you put in, the more you get out of it. So, so, and a lot of those things, to be honest, it's not even about it didn't work. It's like, you know, as a startup, you got to pick your battles to fight. And it just so happens when something else starts working, the startup sort of starts gravitating towards that and spends more time and energy over there. So some of the other things don't get as much time and energy on them as well. So to be perfectly honest, it was possible that some of those things could have worked if we spent more energy on them, but it so happened that we just got pulled in some direction that started working, so we just sort of doubled down on it and then we had to sort of hire people to try some of these other things later. So again, at least to me, there's not a lot of science which says that, hey, this is the amount of time you should spend on it and then you should move on or something like that.

Omer Khan

Yeah, I mean, it would be great if there was right, but unfortunately there isn't. And I think that's part of the challenge is when it's so messy at those stages, when you're going through trying to figure this out, it's like the question is, is this the right channel for me? Am I. Maybe you're not super clear about your ICP at this point. So is it, am I talking to the right potential customer? Do I have the right messaging or positioning that's going to land with these people? Am I talking about the right problem? And then as you said, it could also be a timing Thing that, yeah, I've got all those things right, but the timing in terms of where I am right now with the business isn't there. But maybe in a year's time, this will work really well for us.

Girish Redikar

Right.

Omer Khan

And so it's a really difficult, messy thing to work out.

Girish Redikar

And, you know, one of the things that at least I didn't think deeply enough about at the time is that different channels have different sort of maturity periods, like AdWords. If that works for you, it's kind of like opening a tap and things start flowing so you can experiment very quickly with it. But something like partnerships, it takes months and months of investment before something comes out of the end of the pipe, you know, and you basically have to keep investing in it for a while before you get something out of it. So if you as a startup have like a goal of getting to somewhere in three months or six months, that's not an answer. But at the same time, that is not the same thing, that you can't start on that tomorrow in the sense you can't wait to start until that six months later, you have to start on it today so that you can actually layer that in maybe nine months down the line. But there's a bunch of things that are going to give you immediate benefit, whereas some of those other things will have a certain gestation period before they can actually start reaping rewards for you. And I didn't quite understand that as well early on that, you know, hey, different channels just have. Have different maturity periods. So, yes, they are important to work on, but I can't count any benefit from them in my immediate goals right now. So there's that math happening as well.

Omer Khan

Yeah, super interesting.

Podcast Announcer

Let's talk a little bit about AI.

Omer Khan

We're hearing a lot these days about. SaaS is dead. You can vibe code everything.

Podcast Announcer

I'd like to see somebody vibe code

Omer Khan

a compliance platform like you're building, because I think there's a little bit more to it than just that. But when you're sort of looking at what's going on right now, let's start with what's the biggest impact AI has had to your business so far?

Girish Redikar

I think we are in a very interesting space in the fact that AI has impacts our business from three directions. And that I feel is really fascinating and strange. If I were to explain one of the ways that AI has impact on us is the fact that we obviously are an AI first company now, so we want to make sure that our product itself is more autonomous and, and do things that will otherwise require humans to do. And my mental model is that for a fairly long time, software is this thing where it's just humans feeding software. You're filling boxes inside of a software, you're giving data that software just faithfully stores for you and then gives it back to you in a nice report, if you will. So for a long time software has been like that and we took a jump from that to making more automated software. But AI is actually going to take you to a point where finally, finally software will work for you rather than the other way around. And I find that very interesting as an idea. And we want to be at the absolute frontier of it. And there are some very interesting things that we are doing at Sprinto in order to basically enable that. So that's one aspect of how AI affects our business. The other aspect of how AI affects our business is our customers. They are internally becoming AI first. So the folks that we sell to our product is becoming AI first, but our customers themselves are also becoming AI first internally. They're actually having a bunch of their internal business processes run on top of AI now. And that has implications on how you run your GRC program or how you run your governance, risk and compliance program and direct implications to what Sprinto has to work. So, you know, there was a time where we were just managing entities and, you know, and software and systems and people and servers. But now you need to basically think about agents and other things that you're trying to manage. So I think that's an interesting piece that our customers and our ICP cares about. The Chief Information Security Officer now increasingly cares about how to make sure that the AI that they're building internally is safe and secure, sound and secure and governed well. So that's the second way that AI affects us as a business. And the third way that AI affects our business is basically we are squarely in the security and privacy space. And there are threats from security in a privacy manner that are actually happening from the outside to a business. So there's AI in our product, then there's AI in our host business or our customers, and there is AI outside of that business that this business is trying to protect itself from from, which is there's just so much more social engineering, phishing, AI based attacks, very sophisticated attacks that are happening now that need to protect themselves from and a governance, risk and compliance programs. One of the jobs is to basically be able to do that, right? So I think it's just like a very compounding trifecta of factors that are coming together with respect to AI. And we often think of about AI in only one of these three modes, but all three of these are happening together. And that's just leading to, like, an extremely exponential change in the way the software this category is going to emerge, because that's not just happening uniquely to us. It's basically going to happen to pretty much everyone in the category. And I, for one, am excited about it. Like, it poses newer challenges to our space that were never posed before. And if that means that basically we need to evolve faster as a space, that I'm all for it.

Omer Khan

Yeah, that's a really great way of framing that because it's an incredibly. There's so many dynamics at play here. Now, one thing about being AI first and in the compliance space, and, you know, if the AI fails, your customers potentially fail audits. I'm curious, like, how do you ensure that you have the guardrails in place for that not to happen?

Girish Redikar

Right. So I think the way we look at this is. Is relatively. I won't say it's easy, but we have a simple way of thinking about this. Everything that eventually needs to get audited needs to be deterministic in the sense that, hey, did you actually encrypt this database or not? You can't have AI answer that. That's a deterministic thing that it was either yes or no. Did you make sure that you offboarded this user from this account or, you know, you revoke their access from this account when they left the company or not? And when did it happen? Like, there's no. There are no two ways about it, irrespective of who does it. Like this. Basically, this was a timestamp at which they left the company. This is the timestamp at which you revoke their access. Your SLA says that this can't be more than 48 hours. Is that true or not? That's yes or no, you know, So I think those are the places that will continue to remain deterministic. Software, what AI does do for you is, you know, just everything that happens in between. A lot of plumbing that needs to have that happens in between. It can make that better and better. So I'll give you an example. Traditionally, software in our space has been great at telling you that, hey, you're trying to meet software requirements. Here's a list of requirements, here's how you meet them.

Omer Khan

Great.

Girish Redikar

What software has not traditionally been good at in our space is to say that, hey, by the way, you as a company are signing contracts as well, and somewhere in that large, dense contract there's a clause that says that you're going to have a certain SLA on your product. Who's reading that and making sure it becomes a part of your program. That's a great use case for AI. You were not doing that before. It was just manually impossible for you to be able to do that before. But the fact that now you can know all your commitments in one place, whether they come from a contract, whether they come from a cybersecurity insurer, whether they come from your risk or your policy or your framework, it doesn't matter. You can have them in one place and AI can solve that for you. We used to stop at saying that hey, this database isn't encrypted and you need to encrypt it. And the best in class at the time was basically saying that here's some documentation on how you can actually go and encrypt it. When people are reading that and going and doing that, etc. That's painful. You can actually have AI now sort of go and do that for you while you are actually on the screen. Like, you know, we have basically a fixed agent, so you as an engineer are sort of supervising it, but it's actually doing the job for you and making sure that the thing gets encrypted. So it's making your life easier and it's going over and beyond what was possible before. But I think the basics of our business don't change. Like, I don't think there are certain things which are sanctimonious in, in an audit of any kind. Not just security and privacy audits, but even a financial audit like did you pay this or not? Is in fact, that can't be blurred. And I think that will continue to remain like a system of record. But there's a bunch of stuff that happens around it that can still become faster, more autonomous thanks to AI.

Omer Khan

Intriguing. You're making compliance sound interesting to me.

Girish Redikar

If that were possible. Yeah, I know this is, this isn't everybody's cup of tea, but we do geek out over it over here at Sprinter.

Omer Khan

Love it.

Podcast Announcer

If you're building an AI agent, a SaaS product, or stuck trying to scale, check out Gearhart. They can act as your fractional CTO and technical team, bringing AI expertise from projects for Meta and Google plus, strong Silicon Valley connections with founders and VCs. And since they're a Ukrainian born company, you get senior engineers with an offshore pricing model with offices in San Francisco and London, and a distributed team of 40 experts, they've helped build over 70 successful products. Right now, they're offering our listeners the first 20 hours of development for free. Just book a call@Gearhart IO. That's Gearhart IO. SaaS companies move fast. Most teams are focused on building and optimizing, not thinking about vulnerabilities, ransomware, or zero day attacks. But they can strike without warning and put your entire business at risk. With the ThreatLocker Zero Trust platform, you can get ahead of these attacks and stop them before they start. Instead of allowing everything and trying to spot the bad. Threat locker blocks everything unless you approve it. Giving your IT team full visibility across your environment. The result is stronger security control and your business keeps moving without interruption. Visit threatlocker.com that's threatlocker.com Right now there's a number hiding in your SaaS metrics. The exact point where your growth will stall. You can change it, but first you have to see it.

Omer Khan

It's simple math. When your churn catches up to your new revenue, you stop growing.

Podcast Announcer

You're running just to stand still. I've built a free calculator that shows you exactly where your ceiling is and the fastest way to break through it. Find your ceiling at Sasclub IO. That's Sasclub IO calculator.

Omer Khan

All right, we should wrap up, so let's get on to the lightning round. I've got seven quick fire questions for you. You ready?

Girish Redikar

Yeah.

Omer Khan

What is common startup advice that founders get that you disagree with?

Girish Redikar

I disagree with most advice, honestly, and I think it's because all advice has some context behind it. So we take the advice, but we lose the context. So I think all advice needs some context behind it. Like you take anything which is like launch early and that could turn around and bite you in the back. So the context is important.

Omer Khan

What book would you recommend to our audience and why?

Girish Redikar

We talked about it? I overwhelmingly and wholeheartedly recommend the mom test. If you're a builder, go read that. Because building is becoming cheaper. The thing that's important is basically, are you building the right thing?

Omer Khan

What is something that you're good at now as a founder that you were terrible at in the first year?

Girish Redikar

I think this is like a philosophical thing, but people say that you can't control others behaviors, you can control your response to it. And I think I'm realizing the importance and the profoundness of something like that. I think I'm generally better at that today than I was 15 years ago.

Omer Khan

What's your favorite personal productivity tool or

Girish Redikar

habit I'm not much around productivity tools. Like, the only thing that works, really work well for me is blocking, deliberately blocking some time for deep work every day. So I just don't let anything go

Omer Khan

in that, that's a good, good, good strategy. What's a new or crazy business idea you'd love to pursue if you had the time and money?

Girish Redikar

Maybe after all of this is said and done. One of the things that I really curious about is personalized education. And I mean really personalized, not just adaptive quizzes. You know, every kid learns differently. As a father, I'm seeing my, my young one grow and you know, and we've known it forever, but a classroom of 30 students is. And one teacher is never going to deliver on that. And I think finally I can change the economics of that. And I feel like at some point it's not just for kids, for adults as well. Most professional learning is still terrible and it'll be great to be able to work on something that makes humans learn better.

Omer Khan

I love that. I love that. What's an interesting or fun fact about you that most people don't know?

Girish Redikar

Oh, something we mentioned on this conversation passingly. I had to teach myself programming when I started my first company. I did not know that. I think the first line of code that I've really written ever is when I was 28 and I can't imagine living without that now.

Omer Khan

I was surprised about that when you told me that. I just imagine that you're a strong development background, have been coding forever and finally, what's one of your most important passions outside of your work?

Girish Redikar

It's a bit of a cheat answer because it's not really outside of work. But, you know, I, from, from a long time I've been thinking about applying mass production techniques to software and you know, and increasingly with AI, like, I'm increasingly curious about the question of, you know, how software. I don't mean code like how software changes and how the job of creating software changes. And you know, I think AI is finally making that possible, but we're still all figuring out exactly how. So one of my favorite pastimes is to sort of, I have this side quest where I try to cobble together something and try to refine my understanding of that.

Omer Khan

Love it. Love it. This is awesome. Girish, thank you so much for joining me. It's been a pleasure. If folks want to learn more about Sprinto, they can go to sprinto.com and if they want to get in touch with you, what's the best way for them to do that.

Girish Redikar

It's my first name, Girish, at sprintl. Com. Awesome.

Omer Khan

Thank you so much. I appreciate you taking the time and sharing your story and lessons, and I wish you and the team the best of success.

Girish Redikar

Thank you so much, Omar. I really enjoy being here.

Omer Khan

My pleasure. Cheers.