From HackerOne’s leaderboard to the NYSE Floor: Our Journey to the Cyber60

Yesterday, standing on the trading floor of the New York Stock Exchange as our logo appeared across the screen, I felt something rare in this industry, a moment to pause.

For most of my career, I’ve been chasing vulnerabilities, managing teams, and constantly thinking about what could go wrong next. But yesterday was different. XBOW was recognized by AWS, Lightspeed, and Fortune as the Early Growth Stage Category Winner in the 2026 Cyber60, a list of the world’s most promising cybersecurity companies.

It was a proud moment, but more than that, it was a reminder of why we started this journey.

The Call That Started It All

Oege called me with an idea that felt equal parts visionary and impossible: “Let’s build a platform that can make security testing fully autonomous.”

For someone who’s spent decades trying to scale offensive security, that sentence hit me hard. I said yes immediately.

We thought it would take a year just to prove it could work. Within five months, XBOW’s agents reached the top of the HackerOne leaderboard, outperforming human hackers across thousands of real, hardened targets.

That moment proved something we’d only hoped was true: an AI could think and act like an expert hacker. What we didn’t expect was how quickly it would evolve.

From Proof to Purpose

Being recognized on the Cyber60 marks a turning point, not just for XBOW, but for how we think about autonomous offensive security.

AI-powered attacks are already here. Lightspeed’s CISO survey found that 75% of security leaders experienced or suspected an AI-related incident in the past year, and 58% say they fear AI-driven attacks most. They’re right to.

The attack surface is expanding faster than human teams can keep up, and defenders are stretched thin. Most CISOs I talk to aren’t struggling with motivation, they’re struggling with bandwidth.

That’s why we built XBOW.

We wanted to give offensive security teams superpowers, to handle the repetitive, scalable work so that humans can focus on what they do best: the big picture, the creative edge cases, the problems that require intuition and imagination.

Democratizing Offensive Security

For years, expert-level penetration testing has been limited to large enterprises with deep budgets and long timelines. But the threat landscape no longer respects size or scale.

Every company, whether they’re protecting ten endpoints or ten thousand, deserves access to testing that’s as fast and as smart as the attackers they’re facing.

That’s what this Cyber60 recognition really means to me: validation that autonomous offense isn’t just a technological breakthrough, it’s a step toward making expert-level security accessible to all.

What’s Next

Most companies don’t have dedicated security teams. And even for those that do, running a high-quality pentest can be slow, expensive, and hard to schedule.

That’s why democratization matters, because security shouldn’t depend on headcount, budget, or whether you have an internal security team.

We’ve made it easier than ever to start a pentest with XBOW, faster setup, results in days not weeks, and the same enterprise-grade quality. Anyone can now launch a pentest in minutes, not meetings.

The process is simple, safe, and fully autonomous. You define the scope; XBOW does the rest.

🔗 Start your own compliance-ready pentest → xbow.com/pentest

A Thank You

To our customers, investors, and the incredible team that made this possible; thank you. To our partners at Sequoia and Altimeter, thank you for helping shape this moment for the industry.

And to every CISO trying to navigate this new era of AI-driven threats: we see you. We’ve built XBOW for you.

Because while AI may be changing the rules, it doesn’t have to change who wins.