Malwarebytes
Marsen Klazinski started playing with malware remediation tools around 2003 when his own computer got infected and he didn't know what to do. Rather than just fixing his immediate problem, he decided to learn how to properly remediate malware. He spent five years at the University of Illinois, essentially going to college while learning to program and understanding the rapidly evolving threat landscape. This wasn't a quick pivot—malware defense requires deep technical knowledge because you're fighting criminals with constantly evolving attack vectors.
In 2008, Marsen and a co-founder officially launched Malwarebytes with a simple but powerful business model: clean your computer for free (because getting infected sucks), then charge $40 to protect yourself going forward. The first year was eye-opening—they made $1 million in revenue. Year two, they grew seven times over.
What made the early hiring strategy brilliant was their approach to community. Instead of traditional recruitment, they went into forums where people were already discussing and helping with malware issues. They essentially paid these engaged community members to do the work they were already doing. This meant their first 30 employees, including Marsen, were remote and deeply passionate about the problem space. They didn't open a physical office until they hit 50 employees.
The consumer acquisition was almost organic—Malwarebytes became so trusted that Apple Store staff began recommending it to customers worried about viruses (despite the common myth that Macs don't get viruses). The reputation spread through forums, communities, and word-of-mouth. What's remarkable is that Marsen noticed a pattern: people using the free consumer product at home loved it, then requested it at work. The IT department would install it, and suddenly you had a business customer.
By 2010-2011, Malwarebytes started building business products. The consumerization of IT became a huge growth engine—employees already trusted the product, making enterprise adoption much easier. By 2017, consumer and business were roughly 50/50 revenue split, with the business side having much higher renewal rates (90% vs 70%) and negative revenue churn (expansion revenue exceeded churn).
Marsen kept the company bootstrapped and profitable from day one—a deliberate choice rooted in his Midwest values. For five years, they hired without an option pool, which was unusual for the Bay Area but kept the company scrappy. Only in 2013 did they take their first outside investment from Highland Capital, at which point revenue had reached $25 million.
The business model evolved over time. They started selling perpetual licenses at $25, then transitioned to $25/year, then to $40/year. Critically, they grandfathered in existing customers—a core company value called DFTC ("Don't fuck the customer"). This built trust and loyalty.
On the B2B side, they discovered they could sell 2-3 year contracts (something most SaaS companies struggle with), averaging $3,500 ACV over 18 months (roughly $2,300 ARR). They had a 70-80 person sales team focused on expanding those initial small deals into enterprise-wide rollouts—going from a single department at Coca-Cola to the entire company.
Marketing was aggressive: they spent $300,000+ per month on Google AdWords alone, but it paid for itself almost dollar-for-dollar. They worked with agencies and rotated them regularly to bring fresh ideas. With 33,000 inbound B2B leads per quarter, the challenge became conversion and expansion, not lead generation.
By 2017, Malwarebytes had crossed the $130 million ARR threshold. They'd raised $80 million total (Highland in 2013, then Fidelity as a growth investor), employed 650+ people globally (a third in San Jose, a third in Europe, a third distributed), and served 3+ million consumer subscribers and 50,000+ business customers from one-person dentist offices to Fortune 100 companies.
Marsen, just 28 years old, was thinking about an IPO but taking his time. The challenge with IPO: cybersecurity is reactive—major breaches like Equifax drive buying cycles, making revenue predictable. Wall Street demands that predictability, and missing forecast would be punished. He had the luxury of time and wasn't rushing.
The broader lesson: build with believers, not naysayers. Get toxic people off the boat quickly. And never fuck your customer—it builds the kind of brand reputation that lets Apple employees recommend you unprompted.
- •Deep technical expertise built over years of personal struggle created defensibility against competitors who lacked the founder's understanding of evolving malware threats.
- •Recruiting from engaged community forums produced employees who were already passionate about the problem and trusted within their networks, creating natural word-of-mouth amplification from day one.
- •The free-to-paid model solved a real customer pain point immediately while building trust, which then spread organically when satisfied users recommended it and requested it in enterprise settings.
- •Maintaining profitability and bootstrapping for five years allowed the company to make long-term customer-trust decisions (like grandfathering pricing changes) that competitors under investor pressure might not make, strengthening brand loyalty.
- 1.Identify online communities where your target customers are already actively helping each other solve the problem you're solving, then recruit and pay the most knowledgeable members to join your team.
- 2.Design a freemium or free-first business model that solves the customer's immediate pain point so effectively that they naturally want to upgrade and recommend it to others in their network.
- 3.When changing pricing or business terms, explicitly grandfather existing customers into legacy pricing to build durable brand trust and create word-of-mouth advocates who defend your reputation.
- 4.Target both consumer and enterprise markets simultaneously by designing the consumer product so well that employees request it at work, creating a bottom-up enterprise sales channel without traditional sales teams.
Similar Companies
247.ai
$25.0M/mo247.ai, founded by PV Cannon in 2000, is an AI-powered customer service automation platform serving over 150 enterprise customers with $300M+ in ARR. The company raised only $20M from Sequoia (2003) and bootstrap, achieving 10% net profit margins while maintaining a 12-month CAC payback period and 100% net revenue retention. Despite a security breach setback around 2018, 247.ai has recovered and recently achieved 20% new revenue booking growth in their best quarter.
iCIMS
$13.3M/moiCIMS is a bootstrapped SaaS provider founded in 1999 that dominates the talent acquisition software market as the #2 player, serving 3,500 enterprise customers with an average monthly spend of $4,000. The company exited 2017 with $160M ARR and is targeting 25%+ annual growth while maintaining profitability, recently acquiring Text Recruit to expand into candidate messaging and recruitment advertising.
Zoom
$12.0M/moZoom is a freemium SaaS video conferencing platform founded by Eric Yuan in July 2011 after he left Cisco to build a next-generation collaboration solution. The company has grown to 850,000+ paying customers across individual, SMB, and enterprise segments, generating over $12M in monthly recurring revenue with approximately 100% year-over-year growth. Rather than focusing on customer stickiness or aggressive growth targets, Zoom emphasizes customer happiness and organic word-of-mouth acquisition, which has proven highly effective in driving viral adoption.
Madwire
$10.0M/moMadwire is a comprehensive SaaS platform for small businesses (1-100 employees) that combines CRM, payments, invoicing, billing, e-commerce, and multi-channel marketing tools in a single platform. Founded in 2009, the company has grown to $120M ARR serving 20,000 customers with an average revenue per user of $500/month, while maintaining strong unit economics ($3,000-$4,000 CAC with 3-month payback) and recently turning profitable with a focus on reaching 15-20% EBITDA margins. The company is exploring an IPO within 12-18 months without having raised substantial capital beyond an initial $7.5M.
Plunge
$10.0M/moPlunge is a hardware company that manufactures and sells at-home cold plunge devices. Founded in 2020 by Ryan Duey and Michael after their brick-and-mortar float therapy and sauna businesses were impacted by COVID, the company grew from $270k in first-year revenue to $120M+ ARR in four years. Their success is driven by influencer gifting, organic word-of-mouth, and highly efficient paid advertising (7-10x ROAS on Facebook and Google).