Cybersecurity · Operator-Led · Acquisition

Building the cybersecurity services platform for the AI operating era.

SSR Advisors acquires founder-led cybersecurity services firms and builds them into a practitioner-led platform — combining elite security talent, forward-deployed engineers, and AI-enabled workflows.

What We Look For For Founders

Investment Thesis

Most MSSPs sell monitoring.
Customers need judgment.

The market has many tools. It has fewer teams that can turn tools, data, and practitioner expertise into operating leverage. We are building that team.

01

Buy customer trust and practitioner talent

The first acquisition is the platform nucleus — not a financial asset. We buy firms where customers already rely on practitioners for real security judgment. That trust is hard to build from scratch.

02

Build the operating system around them

Post-close, we professionalize GTM, repackage services into recurring security pods, and embed Security FDEs who build automations and AI-assisted workflows alongside practitioners.

03

Replace manual delivery with AI leverage

Vulnerability triage, alert enrichment, GRC evidence collection, and executive reporting — the repetitive work around expert judgment — gets automated. AI drafts. Humans decide. FDEs wire the system.

04

Build toward the AI deployment layer

Enterprise AI value is moving from model access to workflow deployment. We are building the cybersecurity deployment layer: practitioners, FDEs, and repeatable workflows that safely connect AI to real security operations.

Acquisition Criteria

What we look for

We are looking for the best raw material for the platform — not the largest MSSP we can finance.

Metric Target Range
Revenue $4M – $8M
EBITDA $800K – $1.5M
EBITDA Margin 18% – 30%
Recurring Revenue 50%+ preferred
Customer Concentration No single customer >20% preferred
Purchase Multiple 4.5x – 5.5x EBITDA

Strong fits

Practitioner-led MSSP MDR / Detection Engineering AppSec Services Offensive Security / Pen Testing Cloud Security Engineering Technical GRC / vCISO DevSecOps / Secure SDLC

For Founders

A home for elite security practitioners

We are not financial engineers. We are operators who want to build something better. If you have built a firm your customers and team love, we want to hear from you.

What you've built matters

  • Your practitioners and their relationships are the asset — we protect them
  • Your customers stay on the same team with the same people they trust
  • Your delivery culture and technical reputation carry forward
  • The business you built becomes the nucleus of something larger

What we bring post-close

  • Professional GTM motion — outbound, ICP clarity, packaging, expansion
  • Security FDEs who build automations, tools, and AI-assisted workflows
  • Platform infrastructure: playbooks, reporting, customer success cadence
  • A clear path to becoming more valuable as part of something larger

How We Build

Platform, not roll-up

Once the first acquisition is made, we build toward a model where pods, playbooks, AI-assisted delivery, and GTM infrastructure can absorb bolt-ons and scale without losing quality.

Step 01

Acquire the right firm

Buy customer trust and practitioner talent at a market multiple. The first acquisition must have real practitioners, repeatable workflows, and the bones of something buildable.

Step 02

Build the operating system

Professionalize GTM, repackage services into security pods, embed FDEs, and deploy the first AI-enabled workflows across real customer environments.

Step 03

Compound through bolt-ons

Standardized pods, reporting, and delivery infrastructure make integrating smaller acquisitions fast. Each bolt-on expands practitioner bench and customer reach.

About

Mahesh Babu

Founder, SSR Advisors

mahesh@ssradvisors.co

Practitioner turned
platform builder.

Mahesh spent the first decade of his career as a cybersecurity practitioner — building and scaling global application security and identity & access management platforms at HSBC that safeguard billions of transactions. He started at Purdue University's Information Assurance & Security Research Center, where he researched secure software engineering and biometrics.

He made the shift from practitioner to company builder, and today leads growth at Kodem, a venture-backed application security startup. That vantage point — having operated security at enterprise scale, then helped build a security company from the ground up — is the foundation of the SSR Advisors thesis.

SSR Advisors is built on the conviction that the best cybersecurity services firms are built by practitioners, not financiers. The platform should reflect that.

Identity & Access Management Application Security DLP Enterprise Security Startup GTM

Get in Touch

Let's talk

Whether you're a founder exploring options, an investor interested in the thesis, or a security practitioner who wants to build something — we want to hear from you.

Email

mahesh@ssradvisors.co

Founder inquiries

If you run a cybersecurity services firm and want to explore what a partnership could look like — no process, no bankers, just a conversation.

Investor inquiries

We work with a small number of aligned LPs and co-investors who share conviction in the operator-led cybersecurity thesis.