What a False Alarm Taught Us About Security as a 2-Person Startup
Alex Chantavy, Kunaal Sikka
BSidesSF 2026 · Day 1 · AMC IMAX
In a candid and surprisingly vulnerable talk at BSides SF, Alex Chantavy and Kunaal Sikka, co-founders of the security startup Subimage, shared a deeply personal and professionally embarrassing incident: a security false alarm that nearly derailed their nascent company. This talk delves into the unique challenges faced by security startups, the psychological toll of a perceived breach, and the invaluable lessons learned when operating under immense pressure with limited resources. Far from being a mere recounting of a mistake, Chantavy and Sikka transform their experience into a powerful narrative about customer empathy, product development, and the enduring importance of fundamental security practices, even for teams that consider themselves experts.
AI review
Honest, self-deprecating war story from two credible founders who had the guts to air their own embarrassing false alarm in public. The root cause is trivially simple — a case-sensitive typo in a password manager — but the talk earns its keep through genuine honesty about panic-driven decision-making and some real product lessons that came out of the incident.