Welcome to Founders Everywhere, where we highlight the incredible people behind the companies we’ve backed at Everywhere Ventures, a global pre-seed fund supported by a community of 500 founders and operators.

Every company with software has vulnerabilities, and the question is who finds them first. Penetration testing, or pentesting, is the practice of simulating real-world cyberattacks to find and fix security weaknesses before they cause real damage. It’s a critical part of keeping software safe and a common compliance requirement, but traditional security tools and human-powered pentests are often slow and expensive. They run after software is live, leaving dangerous windows of exposure. Pensar provides continuous penetration testing using AI agents, integrated directly into the software development process so vulnerabilities are caught as code is being written, not after it goes live. Their platform pairs AI with certified human experts to deliver both speed and trustworthy oversight. They recently closed a seed round led by Basis Set Ventures to scale the platform and keep pushing the boundaries of automated offensive security.

Co-founders Kerem Proulx and Kyle Bhiro met on the first day of college and have been building together ever since, starting their first company as 19-year-olds selling ML software to Long Island manufacturers. Kerem brings extensive experience in cybersecurity and risk management, having built and trained models to quantify cyber and model-driven risks at Barclays. Kyle has a strong track record as a tech entrepreneur and security & developer community builder. After one of their habitual $10 bowl lunches, they decided they had been watching AI accelerate both software development and cyber threats from the sidelines far too long, and now was the time to go all-in. They quit their jobs on the same day, cashed out their savings, and set out to build the security infrastructure they believed the industry urgently needed. With Pensar, they’re rewriting the rules of security and putting their pen to good use.

What’s Pensar’s North Star?

Our North Star is simple, find vulnerabilities and get them patched as fast as possible. To do so, we are building at the frontier of what LLMs and agents are capable of in offensive security (offsec). Our customers trust us to keep them multiple steps ahead of threat actors, who themselves are using AI to scale their attacks. This means our product has to push the boundaries of what’s possible in offsec to identify critical attack vectors and patch them as early as possible.

Our continuous testing product has discovered and patched critical vulnerabilities in mission critical apps that both scanners and traditional pentesting firms missed. A recent enterprise customer, a broker‑dealer managing over $100 billion, told us they’d only pay us if we found at least one critical vulnerability their existing tools and human pentest missed. Our agents found three in a single application and helped remediate them quickly.

What sets Pensar apart from competitors?

A lot of tools live “to the right” of production. They automate traditional pentests or run scanners after everything is deployed, which still leaves security lagging behind the speed of modern development. We integrate as far “left” as possible into the developer workflow, so developers can run audit‑grade pentests continuously as they ship code with AI - with security teams configuring the policies and checks. This enables Pensar’s vision of self-securing software - where AI agents write code, open a pull request, Pensar pentests the changes at runtime, and confirmed vulnerabilities are fed back to the coding agent for remediation before pushing to production. This type of runtime security testing is the missing piece to what we call the software dark factory - a system that autonomously writes, reviews, tests, and deploys software without the need for humans to manually review code.

We also combine AI agents with human pentesters. Certified experts review findings and reports, and they audit the agent itself, so customers get both scale and expert oversight. We’ve open sourced our core pentesting agent, Apex, which runs from the command line. Human pentesters use it in real-world assessments, and with their permission, those learnings help us make our models smarter and improve the product in ways generic LLM‑based tools can’t. Apex recently outperformed the two leading open-source offensive security tools in a benchmark across 60 modern, defense-enabled web applications and the video went viral on X.

Tell us about some recent milestones that Pensar crushed.

• We recently closed our seed round, led by Basis Set Ventures with Everywhere Ventures and others participating, giving us fuel to further scale our offensive agents into the enterprise.

• We landed our first major enterprise customer (a broker‑dealer with over $100 billion under administration) where we deployed Apex into a sensitive enterprise environment with great results.

• We hired the former head of AI from another New York cybersecurity company to lead our efforts in pushing the frontier of autonomous offensive security - leveraging the data we get in the wild to improve our own models and agents.

What makes Pensar a must-have vs a nice-to-have?

We ask our customers: do you trust the code that claude or codex wrote? With Pensar, you can confidently answer that question. Using runtime validation of AI generated code, the green checkmark in your CI can actually mean something - enabling teams to actually benefit from the speed and continuous nature of coding agents without sacrificing security and safety.

Once a customer, whether an enterprise or hypergrowth startup, sees at least one of the critical findings (and the speed of remediation) from our system, they convert.

How has your background influenced you as a founder?

Kerem: I was a handful as a kid, endlessly questioning everything, and got into breaking things early on. My dad worked in intelligence and was a network security engineer after his time in the Airforce. He taught me to break into and understand systems as a kid. I grew up overseas where my parents were deployed - never quite assimilating with other kids (which I didn’t mind). I eventually learned to play life on hard mode - doing difficult things others would not as I realized it gave me an advantage. Eventually I would learn to love the struggle, and it led to my belief now as a founder in cultivating asymmetries in all things (information, talent, product, capital, etc.).

Kyle: I have a very New York story. My parents are immigrants. My mom worked in the Twin Towers and my dad, an electrical contractor for the new World Trade Center. From a young age, my dream was to build something meaningful in New York City. My early startups, including the first one I built with Kerem, taught me the skills and conviction to tackle bigger and bolder problems with each iteration, leading to our ambitious focus with Pensar.

Fun Fact:
Kerem: I have an opinionated and highly coveted list of rice bowl spots in the city ranked by dollar-per-calorie and overall vibes.

Kyle: I run one of the largest in-person engineering communities in New York and co-host one of the largest AI demo series in the country.

Listen to Allison Lee with Jenny Fielding, on the Venture Everywhere podcast: The Ultimate Revive-al. Now on Apple & Spotify. Check out to all our past episodes here!