# Ivan Novikov

> Ivan Novikov is the founder and CEO of Wallarm, an AI-powered API security platform that has raised over $70 million in funding including a $55M Series C in 2025. With 24+ years in cybersecurity, he is recognized as the inventor of memcached injection attacks and a pioneer of SSRF research, having earned bug bounty awards from Google, Facebook, Twitter, Tesla, and Yandex. A Y Combinator S16 alumnus with a physics background from Moscow State University, Novikov transformed hands-on offensive security expertise into a company protecting APIs for enterprises worldwide.

- **Role:** Founder and CEO at Wallarm
- **Organizations:** Wallarm, ONsec, Y Combinator, Forbes Technology Council
- **From:** Russia
- **Nationality:** Russian-American
- **Education:** Master's degree in Physics (Quantum Magnetism), Lomonosov Moscow State University, Accelerator Program (Batch S16), Y Combinator
- **Known for:** Inventor of memcached injection attack class, presented at Black Hat USA 2014, Pioneer of SSRF research, authored 'The SSRF Bible', Bug bounty awards from Google, Facebook, Twitter, Tesla, Yandex, and Honeywell

## Career timeline

- **2004** — Began career as security researcher and bug bounty hunter
- **2009** — Founded ONsec, a Moscow-based penetration testing consultancy
- **2011** — ONsec won first place at Yandex 'Month of Search of Vulnerabilities' tender
- **2012** — Discovered and published memcached injection attack vector
- **2012** — Pioneered SSRF (Server-Side Request Forgery) research, authored 'The SSRF Bible'
- **2014** — Presented 'The New Page of Injections Book: Memcached Injections' at Black Hat USA
- **2016** — Founded Wallarm; accepted into Y Combinator Batch S16
- **2019** — Spoke at BSidesSF on using AI to reduce false positives in security detection
- **2020** — Launched GoTestWAF, open-source WAF and API security testing tool
- **2022** — Joined Forbes Technology Council
- **2024** — Launched Wallarm Security Edge SaaS platform; achieved 134% enterprise account retention
- **2025** — Closed $55M Series C led by Toba Capital, total funding exceeds $70M

## Achievements

- Inventor of memcached injection attack class, presented at Black Hat USA 2014
- Pioneer of SSRF research, authored 'The SSRF Bible'
- Bug bounty awards from Google, Facebook, Twitter, Tesla, Yandex, and Honeywell
- Founded and scaled Wallarm to 210+ employees with $70M+ in total funding
- Led Wallarm through Y Combinator S16 in 2016
- Achieved 134% enterprise net revenue retention at Wallarm in 2024
- Member of Forbes Technology Council
- Created GoTestWAF, widely-adopted open-source API security testing tool
- ONsec conducted 200+ security audits for major Russian tech companies (2009-2016)
- Analyzed over 10,000 CVE reports and bug bounty submissions to map API threat landscape
- Regular speaker at Black Hat, HITB, BSidesSF, and SyScan 360

## Latest updates

- **2025-08** — Wallarm closes $55M Series C led by Toba Capital to accelerate AI-powered API security platform
- **2025-07** — Interviewed on bot-driven attacks, credential stuffing, and AI platform exploitation risks
- **2024-11** — Appeared on Techstrong TV discussing Wallarm Security Edge SaaS platform launch
- **2024-01** — Wallarm reports 134% enterprise account retention and near-zero churn for fiscal year 2024

## Links

- Website: https://wallarm.com
- LinkedIn: https://www.linkedin.com/in/d0znpp/
- Twitter/X: https://x.com/d0znpp
- GitHub: https://github.com/d0znpp
- YouTube: https://www.youtube.com/@ivannovikov332
- Facebook: https://facebook.com/wallarm/

---

Profile page: https://yespress.io/ivan-novikov
Published by YesPress — https://yespress.io
Last updated: 2026-05-26
