About – ThreatPulsar

Why We Built This

The gap nobody was watching

In 2022, Elena Vasquez was doing external threat intelligence work for a mid-market company in Virginia. Her job was to find out what attackers could see about the company from the outside. What she found surprised everyone at the table: a forgotten subdomain serving an old admin panel, three credential batches on paste sites that had never been caught, and two typosquat domains registered six months earlier that were already sending phishing emails.

None of this had been detected. The company had endpoint security, a SIEM, and a small but capable IT security team. They just had no visibility into their external exposure. No one was watching the outside of the fence.

Elena brought in Marcus Osei to build a monitoring system. The first version was a collection of Python scripts scanning their client's domains and checking dark web sources on a cron job. It found things on day one. By 2023, they'd turned it into a proper platform and started bringing on early customers — all mid-market companies that had the same gap.

Timeline

How we got here

Q4 2022

The gap identified

External threat intelligence work for a Virginia company reveals a forgotten subdomain, three credential batches on paste sites, and two active phishing domains — all undetected. The problem is clear: no one is watching the outside.

Q2 2023

First prototype

A collection of Python scripts scanning domains, checking dark web sources, and flagging lookalike domain registrations. Deployed for three early design partners. Finds something real on day one for all three.

Q1 2024

Company founded, first paying customers

ThreatPulsar Inc. incorporated in Virginia. First paying customers — all mid-market companies with no dedicated threat intel capability — adopted within the first 60 days of launch.

Q3 2024

Platform expansion

Attack surface scoring, Slack integration, and SIEM webhook delivery added. Dark web monitoring coverage expanded to 50,000+ sources. SOC 2 Type II audit completed.

Q4 2024

Seed Round

Completed a Seed Round to expand monitoring coverage, add continuous scanning for Enterprise customers, and build out the multi-tenant architecture for MSSP deployments.

Values

What shapes how we build

Exposure before incident

Every breach has a preceding period where something was visible externally that the team didn't know about. We're trying to shrink that window to zero. Not by selling fear — by giving companies the same view an attacker has.

Specific beats vague

A generic "your risk score is elevated" alert doesn't help anyone. Every pulse ThreatPulsar sends names the specific asset, the specific finding, and what it means. If we can't tell you what to do with it, we don't send it.

Your data stays yours

The domains and assets you add to ThreatPulsar are not shared with other tenants. Credential findings are reported without exposing raw passwords. We see sensitive things as part of our job; we handle them accordingly.

No-agent by design

Installing agents in customer environments creates deployment friction, support burden, and security risk. ThreatPulsar monitors from the outside. If a company is properly segmented, we still find what's exposed. We don't need inside access to do this job.

Leadership

The team behind ThreatPulsar

A small team with deep roots in enterprise security operations, threat intelligence research, and security engineering.

Elena Vasquez

CEO & Co-Founder

Former external threat intelligence consultant focused on attack surface visibility and third-party risk. She spent eight years finding exposure gaps for companies that didn't know they existed — and built ThreatPulsar to automate that work. CISSP, CISM certified.

Marcus Osei

CTO & Co-Founder

Built the original monitoring prototype: domain enumeration, dark web crawlers, and the certificate transparency feed integration. Previously a security platform engineer specializing in distributed scanning systems and internet-wide reconnaissance tooling. M.S. in Computer Science from Carnegie Mellon.

Priya Menon

Head of Threat Research

Leads ThreatPulsar's threat research — dark web source evaluation, monitoring coverage expansion, and the Insights research blog. Previously a senior threat intelligence analyst at a government defense contractor focused on adversary infrastructure tracking and credential leak analysis. SANS GCTI certified.

Results

What teams achieve after deployment

Mid-Market SaaS Company

Three exposures found in the first 24 hours

A 200-person SaaS company added their domains on a Tuesday. By the next morning, ThreatPulsar had surfaced a forgotten staging subdomain with an exposed admin panel, a credential batch from a paste site containing 47 employee accounts, and a lookalike domain registered the week prior. All three were resolved before end of week. None had been caught by their existing tooling.

3 exposures found in first 24 hours

Regional Financial Services Firm

Phishing domain caught before campaign launched

ThreatPulsar flagged a typosquat domain registered to an address in Eastern Europe three days before it started sending phishing emails. The security team blocked it at the gateway and notified their customers proactively. Without early detection, the first signal would have been a customer complaint.

3 days early warning before phishing campaign

Boutique MSSP (8 client environments)

External monitoring added as a service offering

An MSSP added ThreatPulsar to their service stack to offer external exposure monitoring alongside their existing endpoint and SIEM services. The Enterprise plan's multi-tenant architecture gives each client an isolated view. Two clients identified credential leaks in the first month that their in-house tools had missed.

8 client tenants monitored from one platform

About ThreatPulsar