- Huntbase Blog
- Posts
- Founder Spotlight: Ahmed Shosha, Stealthium — Cyber Runway
Founder Spotlight: Ahmed Shosha, Stealthium — Cyber Runway
Founder Spotlight: Ahmed Shosha, Stealthium — Cyber Runway
One of the things I’ve always appreciated about the cybersecurity industry is how paths cross in unexpected ways. You can work for years without meeting someone, only to find out later that you’ve shared mutual colleagues, tackled similar challenges, or even worked on parallel problems without realizing it.
That’s exactly what happened when I met Ahmed Shosha during Cyber Runway. While we hadn’t crossed paths before, I quickly realized we’d been operating in the same circles for years — he had worked alongside my former team at Mandiant and later with a great friend and mentor at MSITC in Microsoft. It was one of those small-world moments that reminded me how interconnected this industry really is.
But as we spoke, what stood out most wasn’t just our shared network — it was Ahmed’s vision for rethinking how security testing environments should work. He’s tackling a problem that most security teams overlook, and he’s doing it with an approach that could fundamentally shift how we assess and contain cyber threats.
The Problem with Traditional Testing
Stealthium is tackling a problem most cybersecurity solutions overlook — the realism of security testing. Right now, malware analysis, threat intelligence, and AI model security often rely on single-machine or virtualized environments. But these methods don’t replicate how threats behave in real-world systems.
Attackers don’t operate in isolation. They spread laterally, interact with external services, and exploit entire application stacks, not just a single endpoint. Traditional sandboxes and execution environments miss these dynamics, making security teams less prepared for how modern attacks unfold.
Ahmed recognized this gap firsthand. While working at Microsoft, he spent years developing sandboxing solutions for Office 365 ATP and Windows Defender. But even then, the focus was largely on file-based threats like phishing payloads and attachments.
“There’s a huge blind spot when it comes to advanced cyberattacks,” he told me. “Security visibility is great in email and consumer protections, but beyond that? Entire categories of threats go undetected because we’re not looking in the right places.”
That realization led him to build something new.
Building Stealthium: From Gaming Security to a Cybersecurity Breakthrough
Stealthium wasn’t always focused on cybersecurity. In fact, Ahmed originally set out to solve security problems in gaming. He was fascinated by how advanced cheat developers had become, often using techniques more sophisticated than traditional malware.
“I saw attackers in the gaming world using custom compilers, advanced GPU manipulation, and deep system exploits — techniques far ahead of what we were seeing in corporate cybersecurity,” he explained.
His first company, PlaySentinel, aimed to build sandboxing and anti-cheat solutions for the gaming industry. But after deep market research, he realized that while the technology was viable, the market was too small. Major gaming companies like Riot Games and Epic Games had internal security teams already years ahead, making it difficult for an external company to gain traction.
But the pivot to cybersecurity was obvious.
He saw that the same principles he applied to gaming — realistic execution, anti-evasion, and behavioral analysis — could be used to protect enterprises from sophisticated attacks. That’s when Stealthium was born.
A Smarter, Safer Execution Environment
Today, Stealthium is building execution environments that accurately replicate real-world conditions. Whether it’s assessing malware, analyzing untrusted applications, or securing AI models, Stealthium provides an environment where security teams can observe, contain, and respond to threats as they unfold in real-world systems.
Unlike traditional sandboxes, Stealthium doesn’t just execute a file in isolation — it builds a full, network-aware execution layer that allows:
Threats to interact with realistic systems
Malware to execute as it would inside an enterprise
AI models to be tested against real-world data manipulations
That’s a game-changer in cybersecurity.
“Containers, VMs, and cloud workloads today are running millions of instances without any security monitoring inside them,” Ahmed told me. “If we can’t see what’s happening inside the execution environment, we can’t stop the next generation of cyberattacks.”
Stealthium aims to fix that.
The Challenge of Building a Cybersecurity Startup
Like many technical founders, Ahmed admits that transitioning from engineering to business leadership has been a major learning curve.
“I was an individual contributor at Microsoft,” he said. “I never wanted to be a manager — I thought managers just sat in meetings all day. Now I realize there’s no way around it. As a founder, you have to lead, communicate, and sell your vision.”
Sales, in particular, has been a new challenge. As a first-time founder, he’s had to learn how to pitch Stealthium, raise investment, and navigate enterprise security procurement — something that every cybersecurity startup struggles with.
“The biggest challenge isn’t building the product,” he told me. “It’s making sure enterprises can actually adopt it — compliance, integrations, cloud compatibility. Security buyers have strict requirements, and startups have to fit into their world, not the other way around.”
Takeaways from Cyber Runway
Cyber Runway has played a role in helping Ahmed refine his business strategy.
Networking & Exposure: The program connected him with other founders, investors, and industry mentors who provided key insights on navigating sales and funding.
Sales & Market Strategy: Learning from others helped him understand the importance of founder-led sales — something he initially avoided but now embraces.
Visibility & Industry Connections: Stealthium was selected to be part of Plexal’s UK delegation to RSA, which has given him the chance to position the company on a global stage.
For other technical founders, Ahmed strongly recommends accelerators like Cyber Runway.
“Engineers need to go through these programs,” he said. “You can build the best technology in the world, but if you don’t know how to sell it, it won’t matter.”
What’s Next for Stealthium?
Stealthium is now focused on closing its first enterprise customers and preparing for its next funding round. The company is growing fast, but Ahmed knows that cybersecurity startups live or die based on real-world adoption.
“Our priority right now is landing key enterprise deals,” he said. “We know we have the technology. Now it’s about proving its impact in the real world.”
With the rise of AI security concerns, supply chain threats, and execution-level attacks, Stealthium is positioned to solve one of the biggest security gaps today — ensuring that execution environments are just as secure as the networks they run on.
And from my conversation with Ahmed, I have no doubt that he’s building something that will shape the future of cybersecurity.