Pulse Security AI: Interview With Co-Founder & CEO Mike Armistead About The Cybersecurity Company

By Amit Chowdhry • Yesterday at 8:00 AM

Pulse Security AI provides an autonomous, AI-driven cybersecurity platform designed to instantly deploy a full security stack and autonomously manage it 24/7. Pulse 2.0 interviewed Pulse Security AI co-founder and CEO Mike Armistead to learn more.

Mike Armistead’s Background

Mike Armistead

Could you tell me more about your background? Armistead said:

I’ve spent most of my career building security companies. I co-founded Fortify Software, which helped create the application security market and was later acquired by HP. I spent the next five years at HP/HPE running the legacy Fortify and their $400M SIEM business.  After that, I co-founded Respond Software, where we created an AI-based, virtual Security Operations Center (SOC) analyst, and that business was acquired by FireEye/Mandiant in 2020. I stayed with Mandiant as VP Products, then with Google after its acquisition of Mandiant.  Pulse is my third security company, and in many ways, the first two prepared me for it.

Formation Of The Company

How did the idea for Pulse Security AI come together? Armistead shared:

All my jobs required me to spend significant time with security leaders, and I kept hearing a version of the same frustration: I am a firefighter who is drowning in data but starving for insight, and it’s hard to be strategic in a dynamic environment where both the foundation (internal IT used by the business/program) and the attackers constantly change. In addition, I’ve been around many hype cycles in security and observed the chase for the latest shiny object (usually a detector or claimed remediator), which only resulted in another silo the leader had to consider when explaining the state of their security program. 

Then I noted something fundamental: all the products were aimed at practitioners.   Upon further investigation, it became clear that Security is the only major function in the business/program without a management system. Finance has its ERP to reconcile finances among groups. Sales has its CRM to capture tribal knowledge about opportunities, so it can forecast more consistently.  HR, Procurement, and even Legal have their systems. However, the CISO runs a business-critical function out of spreadsheets, manual updates, and a stack of tools that don’t talk to each other.

So they end up drowning in data and starving for insight. They can tell you how many alerts fired last week, but they struggle to answer the question the board, their business peers, and upper management consistently ask: “Are we safe, and are we spending the right amount to get there?” That gap between what a security leader is accountable for and how they can effectively manage their function is the reason we started Pulse.

Right Moment

Why is now the right moment for this company? Armistead pointed out:

Three things had to be true, and they all became true recently. First, the problem got too big to ignore. A security program now spans dozens of tools and produces more data than any human team can reasonably reason about. Second, the threat of breach clearly made a leap with adversarial AI. Third, that same technology finally enabled a way to address the problem efficiently. On the third point, agentic AI lets us do something that wasn’t possible even a few years ago: assemble the full context of a security program, keep it current on its own, and give scale to teams of all sizes. We didn’t start with the AI and go looking for a use. We started with a problem and found that the tools to solve it properly finally exist.

Background Of The Founders

Who are the founders, and how did this team come together? Armistead described:

This isn’t a group of people who just met. Robert Hipps and I co-founded Respond Software together, and Nick Gilligan was one of our early engineers. We journeyed together through the COVID years and through our acquisitions by Mandiant and Google, picking up unique experience in threat intelligence and hyper-scale along the way. So we’ve been building for security operators for most of our careers, and we’ve sold companies to the people who set the standard in this industry. Starting a company with people you’ve already been in the trenches with changes everything. We skipped the part where a new team has to learn to trust each other, and we move faster for it.

Core Products

What are the company’s core products and features? Armistead explained:

Pulse is an agentic security management system. The simplest way to describe it is a System of Truth for the security program: the single system that gives a leader a trustworthy view of what’s happening, what it means, and what the function is doing about it.

Underneath, it’s built on a context graph that connects the environment’s technical reality to the business decisions made every day. Pulse provides agentic scaffolding on top of existing tools, documents, and reports that assembles a picture, reconciles it, and keeps it current without a team of people stitching it together by hand. For example, most programs manage the hierarchy of risks, initiatives against those top risks, and the workstreams to accomplish those initiatives’ goals via spreadsheets and manual data collection. Pulse replaces all that “human middleware” with a system of agents that remove toil, broaden reach, and preserve the security team’s tribal knowledge.

The goal isn’t to give security leaders one more place to look. It’s to give them consolidated knowledge they can actually use to pass judgment on, develop a strategy from, and communicate to key constituents. That’s the difference between another screen full of data and a System of Truth.

Differentiation

What differentiates Pulse from what a security leader can buy today? Armistead affirmed:

Almost everything a security leader can buy today is a better tool for a specific task aimed at the practitioner level: a better scanner, a better detection engine, and better automation of a remedial task. Those are valuable, and we don’t compete with them. We sit above them and make sense of them from the program level.

The real difference is who we build for. Point products are built for the security professional responsible for a specific technical area. Pulse is built for security leaders who have to make the call and answer for it. A CISO carries the accountability of a CFO with an ancient tool, and no number of additional dashboards closes that gap. We built the operating layer that does.

Driving The Gap Between Accountability And Tooling

What’s driving the gap between accountability and tooling, and why does it matter to the business and the board? Armistead stated:

Here’s the disconnect I see: Ask a board how their security program is doing, and you’ll usually get an optimistic, but quite limited answer (usually “no material breaches this quarter !”). Ask the CISO the same question privately, and you’ll get a much more cautious one. Both are being honest. They’re just looking at different things, and neither has a shared, trustworthy picture to reason from.

That gap is where bad decisions get made. It’s how companies overspend on the wrong things and underspend on the right ones, and it’s why a CISO can do everything right and still struggle to prove it. Closing that gap, giving the leader and the board the same defensible view, is a reason Pulse exists.

Funding

Are you able to discuss funding? Armistead revealed:

We raised $8 million in seed funding led by Foundation Capital, with Zetta Venture Partners and notable individual investors as minority participants. Sid Trivedi at Foundation backed our last company, so this is an investor who’s already seen a team he’s backed deliver. The round is meant to fund the initial build-out and our work with early design partners. We have exited that stage, turning several design partners into customers, and are looking to accelerate our initial go-to-market.

Significant Milestones

What have been the company’s most significant milestones so far? Armistead cited:

We’re a young company, so I’d point to three. Building the team, which brought together people who’ve built valuable security companies before. Creating a viable and compelling product in a new category. Our emergence from stealth and putting the product in front of people is where we are right now.

Total Addressable Market

What total addressable market are you pursuing? Armistead assessed:

I’d frame it this way. Every company with a security leader accountable to a board and executive team needs a management system to run that program, and that’s an extremely large and growing group, easily over $10B in total market. However, I’m less interested in a headline market-size figure than in the fact that this category should exist but doesn’t yet. We’re building it.

Future Goals

What are the company’s future goals? Armistead emphasized:

In the near term, we’re focused on making the product indispensable to our customers. Long-term, the goal is to change what it means to manage security. I’d love to see a security leader walk into a board meeting with the same command of their program that a CFO has over the numbers. We talk about this internally as situational security: good decisions come from a clear, current picture of your actual situation, not from a backward-looking report. If we do our job, the CISO stops being the person who explains what went wrong and becomes the business leader who helps shape what comes next for an organization.

Additional Thoughts

Any other topics you’d like to discuss? Armistead concluded:

We’re not building Pulse because security leaders are doing it wrong. We’re building it because they’ve been asked to do one of the hardest jobs in the company without the infrastructure everyone else takes for granted. Giving them that is worth doing.