How Danny Jenkins Bootstrapped ThreatLocker From $150K Debt to $200M

source Updated 2026-07-06 Tags: Podcast, Saas, Cybersecurity, Zero-Trust, Go-to-Market

Summary

This The SaaS Podcast episode features Danny Jenkins explaining how he built ThreatLocker from a financially strained endpoint-security startup into a cybersecurity company approaching $200 million in ARR. The discussion centers on Zero Trust Security, Default Deny Security, and least-privilege controls as alternatives to security models that mainly detect threats after they appear. It also adds a go-to-market case around MSP Channel Distribution, direct sales, webinars, trade shows, and Category Creation for a technical product that many buyers initially found unfamiliar or controversial.

Key Claims

  • ThreatLocker is described as protecting about 70,000 companies worldwide, with roughly 6,000 to 7,000 direct customers and revenue approaching $200 million.
  • Danny Jenkins traces the product idea to ransomware recovery work, including a 2014 case in Australia where systems, databases, Exchange, and backups were encrypted.
  • Jenkins concluded that smaller companies needed practical Default Deny Security because existing whitelisting or application-control products were not viable enough for broad use.
  • The company spent about 18 months without paying customers while building an MVP; endpoint security was difficult to validate until it ran in real environments.
  • The first paying customer paid about $5,500 upfront after a trial that required the team to write and deploy code quickly while learning the customer’s environment.
  • Jenkins argues that early startups need two things: a product that solves a real problem and buyers who know the product exists.
  • Early acquisition came through cold calls, demos, customer word of mouth, Reddit, Discord, and small webinars; one MSP webinar with about 10 attendees still produced useful leads.
  • ThreatLocker used MSP Channel Distribution to reach small businesses through technical providers that already managed many endpoints.
  • The company spent heavily on trade shows in 2020 to educate the market, then grew from about $300,000 to $2.3 million in revenue that year.
  • Jenkins says the July 2021 Kaseya incident created a surge in demand after ThreatLocker blocked the ransomware path for affected environments.
  • Jenkins frames Zero Trust Security as an idea rather than a single product, and contrasts default-allow systems with explicit approval of what can run.
  • He argues zero trust was controversial because it threatened parts of the cybersecurity industry built around antivirus, EDR, threat hunting, SIEM, and SOC services.

Key Quotes

“zero trust is an idea rather than a product” - Jenkins’s category framing.

“product that solves a real problem” - one of Jenkins’s two early-startup requirements.

“buyers who know the product exists” - the paired go-to-market requirement.

“money does not solve problems; it changes them” - Jenkins’s fundraising and scaling lesson.

Connections

Contradictions

  • No direct contradiction with existing wiki content. The episode reinforces Fast Product Validation and Product Led Willingness To Pay by treating payment as the strongest signal, while adding nuance: endpoint-security products may need real deployment before customers can judge value.
  • The source contrasts with pure Demand Harvesting cases such as Sprinto because ThreatLocker had to educate buyers and create a broader category rather than only capture an already named demand.