PLAY PODCASTS
Root Evidence Launches With $12.5M to Redefine Vulnerability Management
Episode 191

Root Evidence Launches With $12.5M to Redefine Vulnerability Management

Daily Security Review

July 28, 202536m 51s

Audio is streamed directly from the publisher (media.transistor.fm) as published in their RSS feed. Play Podcasts does not host this file. Rights-holders can request removal through the copyright & takedown page.

Original episode page

Show Notes

In July 2025, a team of seasoned cybersecurity leaders launched Root Evidence, a Boise-based startup with a mission to revolutionize how organizations tackle vulnerability management. Armed with $12.5 million in seed funding led by Ballistic Ventures, founders Jeremiah Grossman, Robert Hansen, Heather Konold, and Lex Arquette are setting out to fix one of cybersecurity’s most persistent problems: the overwhelming flood of vulnerabilities and the inability of security teams to focus on the ones that truly matter.

Root Evidence introduces a groundbreaking evidence-based security model—an approach that prioritizes remediation efforts based not on theoretical severity scores but on proof of exploitation in the wild. Their platform identifies the less than 1% of vulnerabilities that are actively weaponized by attackers, allowing organizations to cut through the noise, reduce breach likelihood, and calculate cyber risk in real financial terms.

This episode explores:

  • The crisis of vulnerability overload, with tens of thousands of new CVEs published annually and attackers exploiting many within 24 hours of disclosure.
  • Why traditional vulnerability management tools fall short and how Risk-Based Vulnerability Management (RBVM) and Cyber Risk Quantification (CRQ) are transforming security strategies.
  • How Root Evidence’s approach empowers CISOs to communicate risk in dollars—a language executives and boards understand.
  • The startup’s timing in Boise’s fast-growing tech ecosystem, where cybersecurity innovation is gaining traction.
  • What Root Evidence’s entry means for enterprises preparing for events like Black Hat USA 2025, where evidence-based security is expected to be a major discussion point.

Root Evidence isn’t just another vulnerability scanner—it’s a reimagining of how businesses defend themselves in an era where speed, evidence, and financial clarity are the keys to survival.

#RootEvidence #Cybersecurity #VulnerabilityManagement #RBVM #CyberRiskQuantification #CRQ #BallisticVentures #JeremiahGrossman #RobertHansen #HeatherKonold #LexArquette #BoiseTech #CyberRisk #ExploitEvidence #CISO #BlackHat2025 #CyberDefense #CVE #ThreatIntelligence #SecurityInnovation #CyberResilience #VulnerabilityPrioritization

Topics

Root EvidenceJeremiah GrossmanRobert HansenHeather KonoldLex ArquetteBallistic Venturescybersecurity startupBoisevulnerability managementevidence-based securityrisk-based vulnerability managementRBVMcyber risk quantificationCRQexploit evidenceCVEKnown Exploited VulnerabilitiesNVDthreat intelligencerisk prioritizationCISOfinancial risk calculationvulnerability overloadcyber resiliencezero trustBoise tech ecosystemBlack Hat USA 2025vulnerability scanningattack surface managementcyber defenseproactive security
← All episodes of Daily Security Review