Welcome to The Cybersecurity Pulse (TCP)! I'm Darwin Salazar, Head of Growth and Marketing at Monad and former Detection Engineer in big tech. Each week, I dig through all the major headlines to bring you the latest security product innovation and industry news. Subscribe below for weekly updates! 📧

At the time of acquisition, Wiz was generating ~$17M in enterprise value every. single. day. $32B divided by 1825 days (5 years) equals $17.5M. Not too shabby.

In Part I of our blog series, I covered Wiz’s journey to product-market fit (PMF) and how they designed a winning brand. Both were integral to the success that followed. Once they had PMF and their founders sold their first couple million in annual recurring revenue (ARR), they hit the gas pedal and invested heavily in their GTM motions.

In this post, I’ll be dissecting their approach to sales, channel, and alliances and attempt to provide practical takeaways other GTM teams can apply. Below are the areas I’ll cover:

• Sales org structure and key hires

• Top-down sales strategy

• Channel: Cloud marketplaces, resellers, alliances

• Regional and international expansion

Note: I’m taking a black box approach and mostly leveraging public sources like leadership interviews, press, and case studies to dissect Wiz’s approach at each stage of its journey.

Tl;dr

There’s an immense amount of value and important context throughout the post so I encourage you to read til the end. However, if you’re in a time crunch, here are the biggest takeaways for founders and GTM operators:

• Start with Founder-Led Sales until $1-3M in ARR

• Once PMF, hire world-class revenue leaders early

• Grow ahead of demand, not behind it.

• Build a layered channel & partner strategy (Resellers, MSSPs, Tech alliances, etc)

• Go top-down from day one. Go for massive deals v. SMB (if you have the choice)

• Continuously iterate on Time-to-Value (TTV).

• Align with how customers want to buy. Be flexible on timelines + transaction methods.

• Treat cloud marketplaces as strategic channels. Nurture and invest.

  • Off topic, but on topic: CrowdStrike sold $1 billion in revenue on AWS Marketplace in 2024 🤯

• Ask questions, sit back. Listen more than what you speak during customer conversations.

Fall in love with your security logs again. Detect & respond like a boss.

Here's the hard truth: traditional SIEM and logging tools are struggling under today's massive log volumes, with costs quickly escalating to six or seven figures per year. That's why teams are searching for better alternatives. But there's a catch: these alternatives often require significant data engineering work to maintain.

That's where Scanner.dev comes in - Our platform transforms how you SIEM. Just load your raw log data into S3 buckets, and let our schemaless indexing engine take care of the rest. With Scanner.dev, querying is a breeze thanks to our free text search, which processes data at blazing speeds up to 10TB/sec 🤯. Plus, you have the flexibility to use our default detection rules or customize your own and sync them from GitHub.

👉 Check out their playground here

Sales Org Structure and Talent

Wiz leaned heavily on founder-led sales in the early stages. Once they discovered how to position and sell the product to their core ICPs (cloud+infra security, CISOs), they then had a repeatable sales motion of sorts which laid the groundwork for seasoned sales leaders to build upon.

People are more likely to buy from people they like and trust. This is especially true in cybersecurity. So the first few sales hires are crucial for establishing and scaling a winning team and culture.

Bringing in a World-Class Sales Leader

With early traction on tap, Wiz poured gasoline on the fire by hiring Colin Jones, a world-class revenue leader who previously spent 6 years at Duo. Colin joined as CRO in February 2021, just three months after Wiz came out of stealth with $100M in funding, tasked with driving growth from $0 to $100M ARR. In this podcast interview with SaaStr CRO Confidential, Colin discusses the early days scaling Wiz’s sales org. Here are my key takeaways:

• Playbooks are prisons: Instead of leveraging his playbook from Duo, Colin onboarded by going on a “listening tour” by joining as many customer calls as possible to get acclimated with Wiz’s value proposition. He encouraged new hires to do the same.

• Customer-driven GTM shifts: In 2023, Wiz went from hybrid direct/channel model to 100% channel since this is what customers were demanding at the time.

• On scaling: Wiz was hiring GTM based on forecasted growth numbers. They erred on the side of over-hiring to meet demand. In other words, they ‘Blitzscaled’.

• Listen first: Always listen first. Ask questions more than you speak.

• Network and trust: In security, your network and trust is earned over an extended period of time. Cybersecurity is not a transactional field. It’s a trust-based one.

• Leveraging network for critical hires: Colin was introduced to Wiz CEO, Assaf Rappaport, by the investor network at Index Ventures and Sequoia Capital.

• A players attract A players: Demand outpaced time and resources. Wiz had to build product, sell, and scale talent simultaneously. Colin was critical in recruiting more sales leaders.

• “The only way to figure out how great you can be is to fall short of it.” 🔥

Great interview that’s worth a full listen. Skip to minute 5 + listen on 1.5x speed to save precious time.

Note: Colin is no longer at Wiz. He’s recently joined Sublime Security, an email security startup taking the world by storm.

Blitzscaling the Sales Org

Aside from bringing in a notable CRO, they brought in former Zscaler executives like Dali Rajic, who joined as Wiz’s first President/COO in 2024. By early last year, Wiz’s global workforce had reached approximately 900 employees, with an additional 400 planned hires, largely focused on sales and go-to-market roles. The sales org structure evolved into regional teams covering Americas, EMEA, and APAC, headed by experienced VPs.

After hiring Dali, Wiz brought on two more notable former Zscaler sales folks including their former Americas sales SVP, Mike Earnest, as VP of Worldwide Sales and Tom Henderson as new VP of Channels & Alliances who was brought in to formalize partner strategy. By scaling up talent and leadership quickly, Wiz ensured it had the bandwidth to engage Fortune 100 customers globally and not lose deals due to capacity.

Talent + Culture Impact

Wiz’s sales momentum became a virtuous cycle, attracting top talent and new customers alike. Prospective employees were drawn to Wiz’s evident market leadership and potential for substantial rewards, making recruitment easier and reinforcing growth.

From the outside looking in, Wiz’s incentive structures were probably aligned with its GTM goals, offering competitive compensation, equity incentives, and clear alignment to encourage enterprise deals and channel-driven revenue growth. Incentives were probably also great for product, eng., ops and all other functions at the company.

Everyone wants to be part of a rocketship 🚀

Top of the Top-Down Sales Strategy

From the beginning, Wiz combined aggressive outbound top-down sales with strategically engineered inbound interest via marketing efforts. Unlike typical SaaS growth models in crowded categories, Wiz skipped freemium and self-service trials, focusing from day one on top-down selling to Fortune 500 CISOs. By 2024, 40% of the Fortune 100 were customers.

How did they do it?

• Outbound, Big-Deal Focus: Wiz’s sales team went straight after the Fortune 100 and large enterprises, rather than “starting mid-market” like most startups. Early wins included Bridgewater, Morgan Stanley, DocuSign, Slack, BMW, and others as customers. By targeting the biggest “whales” with acute cloud security pain, Wiz closed large annual contracts that rapidly boosted their ARR. Sales cycles that normally take 12–18 months in cybersecurity were compressed dramatically because their agentless platform could deploy in minutes and showed value almost immediately.

• Rapid Proof-of-Value (PoV): Wiz’s product enabled rapid, frictionless evaluations, demonstrating significant security findings within minutes. This immediate "time-to-value" (TTV) turned prospects into eager customers and generated powerful word-of-mouth among CISOs. One Fortune 100 CISO said Wiz’s demo "felt like magic" in how quickly it exposed issues. This led to fast-tracked purchases. As a result, Wiz rapidly built a roster of blue-chip customers, and by publicly announcing ARR milestones, it created a perception of inevitability: everyone is buying Wiz. This momentum pulled in even more customers and boxed out slower-moving competitors. Check out their 'Customer Stories' page for examples: https://www.wiz.io/customers

• Early Inbound via Network and Marketing: Wiz benefited from investor-driven referrals and world-class marketing that created strong industry buzz (expanding on this in Part III). Their investments and execution in marketing meant that by the time a sales rep engaged a new prospect, they had likely already heard of Wiz as the hot new solution for cloud security.

Channel, Cloud, Resellers and Tech Alliances

In 2023, Wiz made the decision to go 100% pure channel sales and doubled down on hiring experienced channel leadership. This was a strategic decision to remove friction in the purchasing process and tap into existing customer budgets and relationships. Over its lifecycle, Wiz’s channel strategy evolved from opportunistic use of cloud marketplaces to a fully structured partner program by 2024.

💡 For clarity, channel = 3rd parties that help you sell your product.

Cloud Marketplaces

Nearly every Wiz deal had the option to transact via the major cloud marketplaces (AWS, Microsoft Azure, and Google Cloud). In fact, 99% of Wiz sellers closed at least one deal through AWS, Azure, or GCP marketplaces. By aligning with the cloud marketplaces, Wiz unlocked enterprise funds already earmarked for cloud. Many large companies commit spend to AWS/Azure as part of their cloud contracts; purchasing Wiz through the marketplace allowed clients to draw down those pre-committed budgets. It also simplified vendor onboarding and billing. Seems like Wiz partnered with a company called Tackle.io to help cloud marketplace selling.

Many deals today happen on cloud marketplaces. CrowdStrike did $1 billion in sales just on the AWS Marketplace in 2024 🤯

Resellers and VAR Partnerships

Beyond cloud marketplaces, Wiz built relationships with security resellers and integrators (often called VARs or channel partners). Early on, these were ad-hoc. For example, Trace3, a major IT solutions provider, became one of Wiz’s first U.S. partners and helped introduce Wiz to joint customers. Seeing the value, Wiz decided to put much more resources into partner-driven growth in 2024. This meant enabling and rewarding partners for sourcing and co-selling deals.

Wiz provided training, attractive margins, and marketing support to top channel partners. In return, partners like Trace3, Optiv, and Big Four consulting firms started bringing Wiz into large “cloud transformation” projects. By leaning into the channel, Wiz could reach many more customers, especially in regions or verticals where using a trusted local reseller is key. As CEO Assaf Rappaport explained, “In cybersecurity, partners are super, super important…we’ve always seen huge potential…and there is so much more we can do” by aligning with them. This partner-first mindset became a priority as Wiz scaled. Key to note that Palo Alto Networks also leaned in heavily in to channel sales on their path to $100B valuation.

MSSPs and Managed Service Providers

Wiz also forged alliances with managed security service providers (MSSPs) as well. A notable partnership was with Expel, a Managed Detection & Response (MDR) provider. In 2024, Wiz and Expel announced an integration enabling Expel’s SOC analysts to natively ingest Wiz’s cloud risk findings. This effectively lets MSSPs include Wiz’s cloud security as part of their monitoring services. “The unique value MSSPs get from this partnership is the coupling of Wiz’s cloud detection with Expel’s analysis,” noted an Expel spokesperson.

By partnering with MSSPs, Wiz extended its reach to smaller enterprises that use outsourced security, without having to sell to each one directly. It gave MSSPs a differentiator (advanced cloud visibility via Wiz), creating a win-win. Wiz also made sure its product could integrate with other MSSP tools and multi-tenant management, smoothing adoption in that channel. The end result is that Wiz became a popular choice for MSSPs looking to bolster their cloud protection offerings. This “channel on steroids” meant even organizations without in-house security teams became Wiz customers via service providers.

Technology Alliances and OEMs

Wiz created a strategic technology partnerships program called ‘WIN’ which set the stage for bidirectional integrations that augmented partner solutions and ultimately, gave customers a more unified view of their security landscape. For example, Wiz partnered with CrowdStrike to integrate Wiz’s cloud findings with CrowdStrike’s Falcon endpoint platform. This unified view helped joint customers correlate cloud and endpoint threats. It also opened cross-sell opportunities. A win-win.

In summary, Wiz smartly leveraged partnerships at every level: cloud hyperscalers, channel partners, resellers, and other security vendors. These alliances gave Wiz scale and credibility far beyond what its size would suggest, enabling them to punch above their weight and become the security darling of the world with an ecosystem rallying around it.

Regional Expansion and International GTM Efforts

To quickly sum this section up, Wiz combined centralized GTM strategy with regional execution. Wiz’s core value proposition – multi cloud security with quick and painless time-to-value – was universal. This meant the same product and messaging resonated globally, allowing the central team to roll out campaigns that regional teams could execute.

Wiz established hubs in key markets like the U.S., EMEA, and APAC. They opened a European HQ in London, expanded aggressively in Asia (Japan, Singapore, and Australia primarily) with SoftBank’s backing, and leveraged their Israeli R&D base for product, eng. and vulnerability research.

Wiz landed key European customers like Shell (Netherlands), BMW (Germany), LVMH (France), ASOS and Bank of England (UK) which certainly helped build a strong presence in the region. They also didn’t let off the gas in the US while they were expanding. They invested heavily in their public sector arm as evident by their FedRAMP Moderate authorization.

The result of their expansion efforts was global penetration. Wiz’s international GTM efforts contributed significantly to its hypergrowth; by not being U.S.-only, it tapped into budgets from London to Sydney, exponentially accelerating its ARR climb.

Regional Expansion and International GTM

To quickly sum this section up, Wiz combined centralized GTM strategy with regional execution. Wiz’s core value proposition – multi cloud security with quick and painless time-to-value – was universal. This meant the same product and messaging resonated globally, allowing the central team to roll out campaigns that regional teams could execute.

Wiz established hubs in key markets like the U.S., EMEA, and APAC. They opened a European HQ in London, expanded aggressively in Asia (Japan, Singapore, and Australia primarily) with SoftBank’s backing, and leveraged their Israeli R&D base for product, eng. and vulnerability research.

Wiz landed key European customers like Shell (Netherlands), BMW (Germany), LVMH (France), ASOS and Bank of England (UK) which certainly helped with word of mouth. They also didn’t let off the gas in the US while they were expanding. They invested heavily in their public sector arm as evident by their FedRAMP Moderate authorization.

The result of their global expansion efforts was global penetration. Wiz’s international GTM efforts contributed significantly to its hypergrowth; by not being U.S.-only, it tapped into budgets from London to Sydney, exponentially accelerating its ARR climb.

Conclusion

Wiz’s success is not just about a great product meeting a market need. Many things had to go right for them grow as fast and as well as they did. They executed a once-in-a-generation GTM strategy with near-perfect timing and intensity. The company built a sales organization that combined veteran leadership with creative, hungry talent. It pursued an unabashedly enterprise-focused approach. Selling top-down to the CISO and skipping the conventional “grow slow” wisdom – and proved that big deals can close fast when the value is clear. Wiz aligned itself with how customers wanted to buy, turning channels and cloud marketplaces into an advantage rather than an afterthought. By forging key partnerships (from AWS to Expel to SoftBank), Wiz extended its reach globally and was able to sell to customers of all types.

There is so much to learn from Wiz’s astronomical rise For founders and GTM leaders, here are the biggest lessons to take away:

• Start with Founder-Led Sales until $1-3M in ARR (or PMF)

• Go top-down from day one. Go for massive deals v. SMB.

• Once PMF, hire world-class revenue leaders early

• Grow ahead of demand, not behind it.

• Build a layered channel & partner strategy (Resellers, MSSPs, Tech alliances, etc)

• Continuously iterate on Time-to-Value (TTV).

• Align with how customers want to buy. Be flexible.

• Treat cloud marketplaces as strategic channels.

• Ask questions and listen more than you speak during customer convos.