A powerhouse team of cybersecurity veterans launches Root Evidence, backed by Ballistic Ventures and leading investors to redefine how digital risk is managed.
July 2025 Root Evidence, a pioneering cybersecurity startup focused on evidence-driven vulnerability management, has emerged from stealth mode with $12.5 million in seed funding. The oversubscribed round was led by Ballistic Ventures, with participation from Grossman Ventures and other strategic investors.
The company aims to overhaul traditional vulnerability management methods by introducing a security model built on hard evidence, aligning digital risk with measurable business outcomes. The investment underscores confidence in the team’s approach to making cybersecurity decisions grounded in verifiable, real-world data.
Cyber Technology Insights : CISOs Connect Appoints Seasoned Cybersecurity Executive Bob Turner as Head of Research
Meet the Founders: A Dream Team of Cybersecurity Innovators
Root Evidence was founded by a distinguished group of cybersecurity leaders:
Jeremiah Grossman – CEO
Robert “RSnake” Hansen – CTO
Heather Konold – COO
Lex Arquette – CPO
Together, they bring decades of experience building and scaling successful cybersecurity companies. Grossman previously co-founded WhiteHat Security and later served as Chief of Security Strategy at SentinelOne, helping guide the company through its historic IPO. He later reunited with Hansen and Arquette to launch Bit Discovery, acquired by Tenable in 2023.
Arquette, a co-founder of both WhiteHat Security and Bit Discovery, also played a pivotal role in developing Meta’s early user growth infrastructure. Meanwhile, Hansen has long been recognized for his groundbreaking contributions to web security and attack surface management. Each member of the founding team has also served as an investor, advisor, or board member to numerous other cybersecurity ventures.
Tackling Cybersecurity’s Longstanding Pain Point
Vulnerability management continues to frustrate CISOs worldwide. Security teams often face an overwhelming number of vulnerability alerts, making it difficult to prioritize fixes or justify remediation resources. In reality, less than 1% of known vulnerabilities are actively exploited in the wild—and those are the ones that cause the most damage.
Cyber Technology Insights : Atlas Systems Named a Representative Vendor in 2025 Gartner Market Guide
Root Evidence’s mission is to change the way vulnerabilities are identified and prioritized.
“We saw an opportunity to address one of the most persistent challenges in cybersecurity,” said CEO Jeremiah Grossman. “Traditional methods aren’t working. Organizations need clear, defensible insights into which vulnerabilities pose real financial risk—and confidence that fixing them will reduce the likelihood of a breach.”
The Power of Evidence-Based Security
At the core of Root Evidence’s approach is what the team calls evidence-based security. This methodology prioritizes threats based on empirical data, such as actual exploit activity, documented breaches, and verified financial impact. The company takes its name from the gold standard of risk: “Root Evidence”—proof that a specific vulnerability has been exploited in the wild, caused a breach, and led to monetary loss.
This approach allows organizations to:
Quantify risk in financial terms.
Focus remediation efforts on the vulnerabilities that truly matter.
Align cybersecurity decisions with business priorities.
Unlike conventional platforms that rely on Known Exploited Vulnerabilities (KEVs) lists or subjective scoring systems, Root Evidence is building an entirely new class of vulnerability scanning and attack surface management technology—designed for speed, scalability, and precision.
Cyber Technology Insights : SafePaper.io Launches to Bring Internet Safety Clarity to a Growing Digital World
A Smarter, Faster Solution for Today’s Threat Landscape
Cyber threats are evolving rapidly, with attackers targeting a small subset of high-impact vulnerabilities out of more than 300,000 known CVEs (Common Vulnerabilities and Exposures). Root Evidence’s platform is designed to cut through the noise by prioritizing only those vulnerabilities that have proven consequences.
“Vulnerability management isn’t about identifying every potential issue anymore—it’s about knowing which ones have real-world consequences,” said CTO Robert Hansen. “Our platform puts verifiable data at the center of decision-making so teams can act with confidence and speed.”
Investor Confidence and Industry Backing
The startup has garnered strong backing from the cybersecurity investment community, led by Ballistic Ventures. Roger Thornton, General Partner at Ballistic and founder of both Fortify Software and AlienVault, will be advising the team closely.
“We’ve seen firsthand how outdated the vulnerability management market has become,” said Thornton. “Root Evidence is injecting the kind of visionary thinking and technical credibility this space desperately needs. This team has already changed the industry once—and they’re about to do it again.”
What’s Next for Root Evidence
Armed with fresh capital and deep industry expertise, Root Evidence is now focused on product development and early customer engagements. Their goal is to release a high-speed, high-accuracy vulnerability management platform that helps organizations immediately identify and resolve risks that could lead to real financial harm.
As security teams worldwide seek more effective ways to manage risk and demonstrate ROI, Root Evidence’s timing couldn’t be better.
Cyber Technology Insights : Resilience, CrowdStrike and AWS Work Together to Reduce Cyber Risk for Enterprises
To participate in our interviews, please write to our CyberTech Media Room at sudipto@intentamplify.com
Source: prnewswire
