Michael Nicosia is the Co-founder and COO of Salt Security, a company that protects APIs from threats using cloud-scale big data, AI, and ML. Under his leadership, Salt has raised $271 million, reached a $1.4 billion valuation, and has become a leader in API security with patented AI technology and Fortune 500/Global 1000 clients. With over 20 years of experience in enterprise software sales and marketing, Michael helped lead Adallom as COO from its founding to its $327 million acquisition by Microsoft.
Here’s a glimpse of what you’ll learn:
- [4:16] Michael Nicosia explains Salt Security’s mission to protect APIs and AI agents
- [5:14] Michael on APIs and how they power digital services
- [7:49] Lessons from Y Combinator and coaching from Sam Altman
- [11:03] Michael’s motivation for leaving big tech roles to launch a startup
- [13:39] Securing first customers and shaping Salt’s pricing strategy
- [17:55] How Salt Security onboards and implements for enterprise clients
- [26:48] Challenges and insights from the fundraising journey and early investor feedback
- [38:27] Strategies for scaling growth as AI-driven APIs and agentic AI expand
- [42:36] Mentors and advisors who shaped Salt Security’s growth trajectory
In this episode…
APIs power nearly every modern digital service, yet most companies remain unaware of just how vulnerable these connections can be to breaches. With AI agents, MCP protocols, and microservices expanding rapidly, how do you ensure that sensitive data isn’t leaking through unseen cracks in your API infrastructure?
Michael Nicosia, a serial entrepreneur and technology executive, shares how he took the leap from corporate roles to building a platform that safeguards APIs. He describes starting with only an idea, refining it through Y Combinator, and securing early validation from security leaders. Along the way, Michael emphasizes the importance of focusing on customer outcomes, building the right team, and persevering through uncertainty. His journey shows that protecting digital services isn’t just about software — it’s about resilience, trust, and staying ahead of attackers.
In this episode of the Inspired Insider Podcast, Dr. Jeremy Weisz interviews Michael Nicosia, COO and Co-founder of Salt Security, about scaling cybersecurity solutions for the modern digital world. Michael discusses lessons from Y Combinator, navigating the fundraising journey, and securing enterprise clients. He also shares insights on pricing models, hiring top talent, and the role of mentorship in building a lasting company.
Resources mentioned in this episode:
- Michael Nicosia in LinkedIn
- Salt Security
- Roey Eliyahu on LinkedIn
- Y Combinator
- Carl Eschenbach on LinkedIn
- Mark McLaughlin on LinkedIn
Special Mentions:
Related episodes:
- “Automation Solutions with Wade Foster Founder of Zapier” on the Inspired Insider Podcast
- “[SaaS Series] Revolutionizing Online Forms and Productivity With Aytekin Tank of Jotform” on the Inspired Insider Podcast
- “Pipedrive: Brain Surgery, Married, & Moved Company from Estonia to U.S. All at Once – with Urmas Purde [Inspiration]” on the Inspired Insider Podcast
- “[Top Israel Leader Series] Engineering the Autonomous Revolution with Rabbi Mois Navon of Mobileye” on the Inspired Insider Podcast
- “[Venture Capital Series] Triaging Growth Challenges in Startups With Brett Browman” on the Inspired Insider Podcast
Quotable moments:
- “Deep inside, I was always thinking, can you do something like this? I was scared to death. But I took the leap.”
- “The first ten customers are your hardest. After that, from ten to twenty, it’s easier.”
- “Having that positive mental attitude and making sure that you’re focused on your vision is really important.”
- “Fundraising — if anybody tells you that it’s fun, it’s not. It’s rewarding at the end when you do get money.”
- “At the very beginning, it’s all about explaining why you exist and why it’s important.”
Action steps:
- Prioritize understanding customer outcomes: Focus on the value delivered to customers to ensure alignment with real-world needs and avoid building in a vacuum.
- Seek early validation from target users: Engage potential buyers early to confirm genuine problems and shape solutions before heavy investment.
- Leverage mentorship and peer networks: Build relationships with mentors and peers to gain insights, opportunities, and constructive feedback.
- Maintain transparent and collaborative co-founder roles: Define responsibilities clearly and align strengths to maximize efficiency and ownership.
- Embrace resilience and a positive mindset: Approach setbacks as learning opportunities while sustaining optimism and clarity of vision.
Sponsor for this episode
At Rise25 we help B2B businesses give to and connect to your ‘Dream 200’ relationships and partnerships.
We help you cultivate amazing relationships in 2 ways.
#1 Podcasting
#2 Strategic Gifting
#1 Our Predictable Podcast ROI Program
At Rise25, we’re committed to helping you connect with your Dream 200 referral partners, clients, and strategic partners through our done-for-you podcast solution.
We’re a professional podcast production agency that makes creating a podcast effortless. Since 2009, our proven system has helped thousands of B2B businesses build strong relationships with referral partners, clients, and audiences without doing the hard work.
What do you need to start a podcast?
When you use our proven system, all you need is an idea and a voice. We handle the strategy, production, and distribution – you just need to show up and talk.
The Rise25 podcasting solution is designed to help you build a profitable podcast. This requires a specific strategy, and we’ve got that down pat. We focus on making sure you have a direct path to ROI, which is the most important component. Plus, our podcast production company takes any heavy lifting of production and distribution off your plate.
We make distribution easy.
We’ll distribute each episode across more than 11 unique channels, including iTunes, Spotify, and Amazon Podcasts. We’ll also create copy for each episode and promote your show across social media.
Cofounders Dr. Jeremy Weisz and John Corcoran credit podcasting as being the best thing they have ever done for their businesses. Podcasting connected them with the founders/CEOs of P90x, Atari, Einstein Bagels, Mattel, Rx Bars, YPO, EO, Lending Tree, Freshdesk, and many more.
The relationships you form through podcasting run deep. Jeremy and John became business partners through podcasting. They have even gone on family vacations and attended weddings of guests who have been on the podcast.
Podcast production has a lot of moving parts and is a big commitment on our end; we only want to work with people who are committed to their business and to cultivating amazing relationships.
Are you considering launching a podcast to acquire partnerships, clients, and referrals? Would you like to work with a podcast agency that wants you to win?
Rise25 Cofounders, Dr. Jeremy Weisz and John Corcoran, have been podcasting and advising about podcasting since 2008.
#2 Our Comprehensive Corporate Gifting Program
Elevate business relationships with customers, partners, staff, and prospects through gifting.
At Rise25, thoughtful and consistent gifting is a key component of staying top of mind and helps build lasting business relationships. Our corporate gift program is designed to simplify your process by delivering a full-service corporate gifting program — from sourcing and hand selecting the best gifts to expert packaging, custom branding, reliable shipping, and personalized messaging on your branded stationary.
Our done-for-you corporate gifting service ensures that your referral partners, prospects, and clients receive personalized touchpoints that enhance your business gifting efforts and provide a refined executive gifting experience. Whether you’re looking to impress key stakeholders or boost client loyalty, our comprehensive approach makes it easy and affordable.
Discover how Rise25’s personalized corporate gifting program can help you create lasting impressions. Get started today and experience the difference a strategic gifting approach can make.
Email us through our contact form.
You can learn more and watch a video on how it works here: https://rise25.com/giftprogram/
Contact us now at [email protected] or message us here https://rise25.com/contact/
Insider Stories from Top Leaders & Entrepreneurs…
Episode Transcript
Intro: 00:15
You are listening to Inspired Insider with your host, Dr. Jeremy Weisz.
Dr. Jeremy Weisz: 00:22
Dr. Jeremy Weisz here, Founder of InspiredInsider.com where I talk with inspirational entrepreneurs and leaders. Today is no different. I have Michael Nicosia and you can check him out at Salt.Security. We’re going to dig into that. Michael, before we do, I always like to point out other episodes of the podcast people should check out since this.
This is part of the Top SaaS series. Here’s a couple other episodes. I did an interview with one of the co-founders of Zapier, Wade Foster, who also went through Y Combinator. I believe, as you guys did. That was a really interesting episode.
I had the founder of Jotform, Aytekin Tank on. He talked about obviously revolution, revolutionizing online forums, productivity and how he built the company to over 25 million users. So that was really interesting. And one of the co-founders of Pipedrive, I think when I had him on, they were around 10,000 customers. Now there are over 100,000. And just a really interesting journey and it’s sometimes rocky along the way. So it was cool to see that and having to share openly about that. So check more out in InspiredInsider.com.
This episode is brought to you by Rise25. At Rise25, we help businesses connect to their dream relationships and partnerships. We do this in a few ways. One, we’re an easy button for a company to launch and run a podcast. We do the strategy, accountability, and the full execution and production.
We also are an easy button for companies gifting. So we make gifting and staying top of mind to clients, partners, prospects, even people send to their staff from a culture perspective. Simple, easy and affordable. And all you do is give us a list of the people and we do everything else. Everything’s branded to you, and we actually send, you know, it’s not like a one off gift. We like to send campaigns. So maybe, I think every four months for four years a gift to your favorite people.
So, you know, Michael, we call ourselves kind of the magic elves that run in the background and make it stress free to build amazing relationships so you can run your business. And, you know, for me, the number one thing in my life is relationships. I always look at ways to give to my best relationships, and I found no better way over the past decade to profile the people and companies I admire on the podcast, and to send them sweet treats in the mail. So if you have questions, go to Rise25.com or email [email protected].
And a thank you to iBrand Visual who helped create this sign behind me. If you’re watching the video, I needed it for years. I needed an upgrade and they helped with it. And they do interior and exterior signs from startups to fortune 500. Like even companies like the Ritz have their signs with iBrand Visual too. So check them out.
But I’m excited to introduce, as I mentioned, Michael Nicosia, and he’s a serial entrepreneur, software technology executive. He’s COO and Co-founder of Salt Security. In 2016, Michael partnered with Roey and they established Salt, which is a SaaS cybersecurity startup.
And basically they’re a platform built to secure AI agents and MCP servers. You know, which recently, Michael, I heard of a case where someone had a big launch and one of their AI agents got hacked and information got leaked. So this stuff is real, and it happens especially more and more people are using it, and they’re backed by companies like Sequoia and Y Combinator and many more. Michael, thanks for joining me.
Michael Nicosia: 03:56
Jeremy, thank you. I appreciate you having me. And I appreciate the introduction. Thank you.
Dr. Jeremy Weisz: 04:01
That’s the most talking I’ll do all day because I want to hear about Salt. So as you do that there is a video portion. If people want to check it out, just talk about Salt and what you do and I’ll pull up the site.
Michael Nicosia: 04:16
Yeah. I mean, so, you know, we started the company, you know, went through YC in 2016, but really in 2018 is when we, you know, started Salt Security. And basically it was the notion of if you think about these digital services, right, as applications or APIs, it’s, you know, we’re able to discover, we’re able to govern and then protect against any, you know, bad actors that are trying to steal sensitive data. So that’s really what we do. And obviously today the, you know, AI agents, MCP agent to agent, you know, protocols are all kind of exploding the need to not only secure them, but obviously to discover them and to govern them.
Dr. Jeremy Weisz: 04:59
Can you just for laypeople like myself, just explain an API and we’re looking here. I know API is a connection point, but how do you kind of explain in layman’s terms what an API is?
Michael Nicosia: 05:14
Yeah. And it’s funny you asked me because obviously everybody’s like APIs. You know, it’s kind of like the building blocks of applications. And if you think about an application, 85% of it is API driven. But really think about APIs as digital services.
And when I talk about digital services, think about mobile apps, web apps, microservices, AI agents, MCP protocols, agent to agent protocols. Those are all driven mostly by APIs. And normally a lot of sensitive data are housed in these APIs. And that’s what we really, you know, protect against.
Dr. Jeremy Weisz: 05:53
Yeah. Like when I picture APIs, I picture a connection point. Obviously there’s companies like Make and Zapier and the like. You go in, okay, I want to take my data from ActiveCampaign, move it, or from someone who signs up in Calendly to ActiveCampaign, you can set up that connection point with whatever Zapier, Make, and it sends information. It’s really that’s an API. Is that accurate?
Michael Nicosia: 06:19
Exactly. So even, you know, in this kind of agentic AI scenario, if you think about you’ve got ChatGPT and you’re asking a question, once you ask that question that, you know, API call is an API that goes into like a server, like an NCP protocol, and then that NCP protocol, you know, shoots data to, you know, a thousand other servers, back end servers, those are all API driven calls that, you know, come back and provide you an answer.
So really think about APIs as that movement from one app to another app. And it doesn’t even have to be an application. It could be, you know, an application, it could be a variety of different things. But it’s that communication point between, you know, two apps, an app with a hardware, those kinds of things.
Dr. Jeremy Weisz: 07:11
It is mind blowing to think what happens when we’re using ChatGPT or something else, and it happens instantaneously. I picture like similar to like a cell phone, like I’m making a call. It’s like hitting some kind of satellite, coming back like within a millisecond. And if it delays, we’re like, what’s going on? You know?
I think Louis C.K. has a funny joke on that. Wait, it’s going all the way to space and then coming back, and we get mad if it’s, like, takes an extra, like point two seconds or something like that. But that’s what I picture with this. Talk about some lessons from Y Combinator.
Michael Nicosia: 07:49
Yeah. I mean, we were fortunate enough in 2016 to to start with YC, and basically it’s a two week program that basically helps you in a variety of different ways. It’s really to not only start your company, your business plan, your cap table, how to structure it, you know how to go and, you know, put together kind of a, you know, your first customer story and then how to perhaps even speak to investors. So it was a phenomenal, you know, two week journey. And one of the greatest things about it was that Sam Altman was our coach in that whole process, which was really, really cool.
And, you know, obviously not only himself, but there’s a number of other, you know, high powered individuals that we were able to meet. But they basically give you all of these coaching and techniques and how to start your business. And it was fabulous for us.
Dr. Jeremy Weisz: 08:46
That’s a pretty cool coach to have.
Michael Nicosia: 08:48
Yeah.
Dr. Jeremy Weisz: 08:49
Do you remember any advice from Sam Altman?
Michael Nicosia: 08:54
Yeah. I mean, I think it was, you know, just a focus on, you know, kind of like, you know, what’s important from a customer perspective. So kind of the outcome was the most important thing because, you know, a lot of founders start companies and they think about, you know, cool things that they’re doing, but they don’t, you know, talk about the value associated with what customers are going to receive. So I think that was the biggest element that, you know, we made sure that we wanted to focus on.
Dr. Jeremy Weisz: 09:24
I’d like to talk about and this is, you know, when you went through Y Combinator, but I want to back up a little bit and how you met your co-founder.
Michael Nicosia: 09:33
Yeah. Yeah. I mean, we were fortunate enough we had some mutual friends. You know, Seth Rapaport, who is the Co-founder CEO of Wiz, actually got us introduced in 2015. And I was part of, you know, the founding fathers of Adallom, which are also the founding fathers of Wiz. You know that company.
Dr. Jeremy Weisz: 09:55
Got acquired by Microsoft at one point?
Michael Nicosia: 09:58
Yes, yes. So we started in 2012, and then we got acquired in 2015 by Microsoft for at the time was phenomenal numbers. It was 320 million. You know in today’s world.
Dr. Jeremy Weisz: 10:09
Not at the time. I think that’s phenomenal at any time in my mind.
Michael Nicosia: 10:13
But yeah. And it was amazing. And anyway, as we were, you know, kind of going through the journey, you know, Roey and his staff had connected up in Israel and, you know, he had wanted to meet me and he helped kind of broker that meeting. And we met, you know, towards the latter part of 2015 to really, you know, talk about this concept of, you know, discovering and securing APIs.
Dr. Jeremy Weisz: 10:39
I’m curious because, like, you have a really cool career trajectory in all these companies, and I feel like a startup, starting up a big oh, forget it. Like this is too much work. At some point. So what was the original idea and what made you be like, okay, I’m going to go in on a startup and work long hours and toil away.
Michael Nicosia: 11:03
Yeah. I mean, I think, you know, because I had started my career in very big companies like Hewlett Packard, PeopleSoft, Oracle, you know, Citrix. So and, you know, at one point in time, you know, you build some successes associated with that. And then I always had this dream of, you know, starting something and really building something from scratch. So like in 2011 when, you know, I met Assaf to start, you know Adallom in 2012, I, you know, I just took a leap of faith, to be honest, Jeremy, I just thought, how cool would it be to start a company with these three guys?
And, you know, we had, what, five other developers and, you know, thinking at the time, which is very similar to what we, you know, decided with Salt Security.
And I just, I thought. It would be really interesting and exciting to build something from scratch. And honestly, you know, deep inside I was always thinking, can you do something like this? And it was like I was scared to death. But I took the leap and, you know, knock on wood, everything worked out. From an online perspective.
And, you know, obviously now from a security perspective, it’s worked out and it’s been, you know, a dream. You know, for me over the last what almost, you know, 15 years.
Dr. Jeremy Weisz: 12:21
I know when people enter into Y Combinator there are different stages. Sometimes they have, you know, just a mock up, a proof of concept. Some people have revenue. Where was your company at when you were starting Y Combinator?
Michael Nicosia: 12:33
Yeah, just an idea. We didn’t have a customer. We didn’t have a product. It was just a thought. In terms of, you know, as, you know, kind of technology and innovation were starting to kind of, you know, build through all of these mobile web apps, microservices, specifically microservices.
And we were concentrated on that because it was ideal at the time. When you think about 2016 or 2015, you know. So it was a concept. And, you know, we applied and I remember and Roey still has the recorded voicemail that Sam, you know, he called Roey and basically said, you know, we’d love to have you at YC. And it was exciting.
I remember we were like, like screaming and we were so excited. So yeah, it was a concept. And then from that concept, there’s a lot of hard work in terms of making that concept into, you know, a full life product and to creating a market with, you know, like a Mark O’Neill at Gartner to getting your first customer to, you know, really kind of scaling the organization.
Dr. Jeremy Weisz: 13:39
Talk about the first milestone from a customer perspective.
Michael Nicosia: 13:44
Yeah. I mean.
Dr. Jeremy Weisz: 13:45
I know you maybe you don’t have to mention customers, but maybe industry wise.
Michael Nicosia: 13:51
Sure. Yeah. How we started. I mean, and it was very similar to Avalon is, you know, we literally. So you identify your buyer and at the time, you know, for us, it’s always been the CISO of organization. The chief information security officer.
So what we did is, you know, we created, you know, maybe 20 to 50 meetings associated with some of the CISOs that we knew or, you know, or our friends knew. And basically it was just a simple ask as, look, we think, you know, that there’s a problem in the industry where APIs are exposed and it can be dangerous if bad actors are able to hack into them and steal sensitive data. You know, what are your thoughts on that? Right.
So initially it’s just getting validation that, you know, other people, like your buyer sees that there is a problem. To, you know, once you identify that it’s a problem and it’s a big problem because, you know, they’d like, you know, they could spend lots of money if something bad happened. Like a breach from a security perspective to, you know, if you were looking at a solution, I gave you a canvas with paint brushes. How would that solution kind of look like? You know, and grabbing that concept into building a product.
And we did that throughout. And, you know, obviously you get your first successes with your first customer to your 10th customer and then, you know, a huge retail customer or customer of ours that really hit our first, you know, eight figure deal or seven figure deal for us, which was amazing. And a huge milestone and great celebration and validation point to not only is this a problem, it’s a big problem. And you need to solve it.
[Continue to Page 2]
