Pandian
Gnanaprakasam

When Pandian Gnanaprakasam returned as ORDR's CEO in March 2025, it wasn't the move of someone chasing a title. He had stepped back to the Chief Product Officer role in 2019 - an unusual downshift for a co-founder - because the product needed his full attention. By 2025, the platform had matured enough that the company needed his full attention back at the top. That's the shape of his career: not straight up, but pointed directly at wherever the problem is hardest.

And the problem at ORDR has always been specific. Not "cybersecurity" in the abstract sense that fills every conference keynote. Pandian is obsessed with the devices that can't run an agent - the MRI machine in room 14, the industrial PLC controlling a factory line, the IP camera in the hospital lobby. These are the machines that never get patched, never get monitored, and are increasingly connected to the same networks as everything else. They are, in the language of security, a nightmare. In Pandian's language, they are an opportunity.

ORDR's newest product, ORDR IQ - launched in November 2025 - is the most ambitious statement of what that opportunity looks like fully built out. It is a multi-agent AI security operator: feed it a question in plain English, and it analyzes vulnerabilities across millions of devices, writes zero-trust segmentation policies, and generates compliance reports - all in seconds. The system draws from over 100 million device profiles accumulated across ORDR's customer base. Not a demo. Not a roadmap item. Already running in production environments.

Pandian grew up in India, earned his bachelor's degree in electrical engineering from PSG College of Technology, and went on to IIT Madras for his master's - one of India's most demanding technical institutions, where the curriculum is rigorous and the competition relentless. What he came out with wasn't just a degree; it was a precise, technical mind built for systems that need to work at scale.

He came to Silicon Valley and landed at Cisco, where he eventually ran engineering for the company's multi-billion-dollar Wi-Fi business unit and led the low-end switching product line as VP of Engineering. Cisco in its Wi-Fi heyday was building the plumbing for a connected world; Pandian was one of the people laying the pipes. But he saw the same thing that a few engineers at Cisco always see: the company around them is too big to move fast enough.

So in the early 2000s, he co-founded Aruba Networks with Sheausong Yang. The timing was nearly perfect. Enterprise wireless networking was about to become non-negotiable, and Aruba was building the architecture to handle it. Over the next decade, Aruba became the intelligent Wi-Fi layer that hundreds of major enterprises ran on - not just access points, but policy engines, location awareness, and network intelligence. Pandian served as Chief Development Officer, overseeing all engineering and product management.

In March 2015, Hewlett Packard Enterprise acquired Aruba for $3 billion. It was one of the larger acquisitions in networking that year - and one of the cleaner ones, in the sense that Aruba had built something HPE genuinely needed. Pandian walked away from it with the credibility that only comes from having actually built and sold something significant.

He took about eight months. Then he co-founded ORDR.

The name is deliberate. ORDR - as in "bring ORDR to chaos." In November 2015, when Pandian and his co-founders started what was then called CloudPost Networks, the chaos they were describing was specific: billions of devices connecting to enterprise networks with no visibility, no management, and no protection. In 2015, most security teams had exactly zero tools built for this. Firewalls didn't understand device behavior. Endpoint agents couldn't run on medical devices or industrial controllers. The problem was structural, not tactical.

ORDR's approach was agentless from the start. Deep packet inspection combined with machine learning to fingerprint every device on a network - not by asking the device to identify itself, but by watching how it communicates. An infusion pump doesn't behave like a laptop. A smart thermostat doesn't behave like a server. ORDR learned to tell the difference, classify devices into thousands of categories, and then use that classification to flag anomalies and enforce policy.

The company's strongest early traction was in healthcare - not because that was the plan, but because hospitals were feeling the pain most acutely. A hospital network can have 50,000 connected devices, many of them medical-grade hardware running Windows XP or older, connected to the same network as clinical systems, email, and administration. The attack surface is extraordinary. ORDR built specific clinical context into its platform: it knows what an infusion pump should communicate with, and what it should never communicate with. It can spot an anomaly in seconds rather than weeks.

KLAS Research, the healthcare technology research firm that hospitals actually trust, named ORDR a Top Performer in Healthcare IoT Security for four consecutive years: 2020, 2021, 2022, and 2023. That streak, in a category where hospitals do not hand out accolades lightly, is the closest thing to independent proof of product-market fit. Three of the world's top six hospitals run ORDR. So do 150+ manufacturing sites globally, major financial services institutions, and transportation networks.

The March 2024 launch of ORDR CAASM+ marked a deliberate broadening. Cyber Asset Attack Surface Management - CAASM - is the industry's answer to the question: "Do you know everything that's on your network?" Most enterprises don't. ORDR's version claims 2x the asset visibility and 4x the scale of existing competitors, built on top of the same AI-driven asset intelligence platform that already classified millions of devices in hospital and factory environments. It's not a pivot; it's the same engine applied to a bigger problem.

Pandian's investor network for ORDR tells a story about Silicon Valley's interlocking communities. René Bonvanie, the former CMO of Palo Alto Networks, is an angel investor. So is Dan Warmenhoven, former chairman and CEO of NetApp, and Dominic Orr, the former chairman and CEO of Aruba Networks - the very company Pandian helped build. The people who know exactly how hard it is to build infrastructure security companies put their own money in.

Most founders who step back from CEO do it because they have to. Pandian did it because he wanted to. In 2019, with ORDR's platform still being built, he decided the company needed his product instincts more than his management attention. So he handed the CEO role to a professional CEO and went deep into product. It's an unusual move - the kind of thing that gets second-guessed at board meetings and in press profiles. But the bet paid off.

The ORDR platform that launched CAASM+ in 2024 and ORDR IQ in 2025 is not the product of a company that got distracted by growth metrics. It's a platform built by someone who spent years thinking about exactly what connected device security should look like when it's done right. Pandian came back to the CEO seat in March 2025 not because the product wasn't ready, but because it was - and it needed a different kind of leadership to scale it.

His Twitter handle, @ordrofthings, is a small tell. It's a riff on both "Order of Things" and "Internet of Things" - the kind of pun that requires you to have thought about both things carefully. That's the register he operates in: precise, technically grounded, and not above a good wordplay. He writes for Security Boulevard and DevOps.com, contributes to industry conversations, and shows up at cybersecurity forums as a speaker. The point of view is consistent: connected devices are the biggest unaddressed attack surface in enterprise security, and the answer requires AI that works at machine speed, not analyst speed.

The profile of ORDR's investor base is revealing. Mayo Clinic and Kaiser Permanente Ventures backed the Series B - strategic healthcare investors, not purely financial ones. That means hospitals with real patient safety concerns looked at ORDR and wrote a check. That's a different kind of validation than a conference award or an analyst report. It's a healthcare system saying: "We trust this enough to put our name on it."