There is a generally accepted script in Silicon Valley. Identify a startup idea, sell a chunk of your company to raise venture capital, make sales, then raise more venture capital and make more sales. This cycle repeats until the company goes public or gets acquired, hopefully for billions of dollars.
But what if you did not get on that fundraising treadmill after the first round? What if you structured your company to sprint toward profitability through slower, sustainable growth instead of pursuing unprofitable growth as so many VC-backed companies do? That is the question Pukar Hamal, founder and CEO of SecurityPal AI, asked himself after raising a $21 million Series A round in 2021 and then, a year later, almost running out of money. The round was led by David Sacks’s Craft Ventures, with participation from Andreessen Horowitz’s Martin Casado and Okta co-founder Frederic Kerrest.
He started the company in March of 2020. It is his second founded company. His previous company, which sold via an acqui-hire, had raised its first capital before achieving product-market fit, a common occurrence where founders often raise funds before they have a product they know customers will pay well for. In retrospect, Hamal described that decision as his big mistake.
For SecurityPal, he did the reverse. He waited until the company hit $1 million in annual recurring revenue, which took about a year, and then did his first and only raise, the Series A.
SecurityPal uses AI to speed up enterprise security due diligence, a process that occurs in every large enterprise transaction when signing new IT contracts. The company promises to shrink the security review from months to days or even hours, helping companies save money on the process while closing deals faster. It has big-name customers like Airtable, Figma, LangChain, and Grammarly, among others.
In 2022, he faced a crisis. Interest rates rose and crashed the venture capital market, making raising more funds tough. The company was burning a lot of capital and was about fourteen months away from running out of money. It was a wake-up call. Hamal had to drastically cut expenses, which meant a big layoff. That experience was so painful he vowed to do things differently. The company extended its runway and tried to drive toward cash flow break-even and cash flow positive profitability.
Although in 2025 VC money is flowing again, especially for AI startups, SecurityPal has not raised another round. The reason is that he sees VC money comes with its own price tag. The more capital raised, the more expectations there will be, the more control of the company is given up, and the more pressure there is to hire a bunch of people that might not work out. For venture capital, what matters is growth. For some investors, fast revenue growth is more important than improving gross margins, meaning a company can fall deeper into the red even as it sells more. VCs trust that founders will figure out profitability later, and until then, they can keep raising funds. If they cannot, the company might not survive.
Hamal wanted what he described as durable growth for SecurityPal: slow and solid. If sales were limited to a handful of deployments at any given time, his team could ensure all customers were well onboarded, even for their edge cases. He did not want fast sales only to have customers not use the product and churn come renewal time. That story happens all the time because there is so much pressure on companies to grow. On the other hand, he found that slow annual recurring revenue can lead to healthy gross margins and great cash collection.
Hamal is clear that he is not advocating against venture capital. Other startups may have to keep raising and chasing fast annual recurring revenue. He is not even ruling out another round for SecurityPal. He just wants more founders to think about the slow-growth, nuanced alternatives. He raised venture capital and has not raised it again because he is trying to put the business in a position where it does not need venture capital over and over again.