Summary of Finding Product-Market Fit After 3 Years of Failed Ideas

Overview of Finding Product-Market Fit After 3 Years of Failed Ideas

This episode of the SaaS Podcast (host Omer Khan) features Girish Redekar — founder who taught himself to code, built and sold RecruiterBox, then went on to found SprintO (an autonomous trust/compliance platform). Girish recounts years of failed experiments before finding product-market fit, explains how he validated and productized a traditionally services-heavy space by “reverse-engineering” audits, and outlines how AI is reshaping compliance, product design, and security threats.

Guest snapshot

• Guest: Girish Redekar
• Current company: SprintO — autonomous trust / governance, risk & compliance (GRC) platform
• SprintO scale: >3,000 customers across ~70 countries, eight-figure ARR, ~350 employees; ~$30–32M raised
• Prior: RecruiterBox — bootstrapped, sold after reaching several million ARR and >2,500 customers, acquiring ~100 customers/month at peak
• Notable background: Taught himself programming at 28 due to inability to hire developers

Key takeaways

• Validate before you build: don’t write code until you can prove the idea is valuable via customer conversations and experiments.
• Productize services by running the service repeatedly and automating the repeatable parts — treat audits/services as the black box to be automated.
• Expect many failed GTM experiments; it takes many “shots” (Girish: ~20) to find the few channels that scale.
• Understand whether your startup faces product risk (can it be built?) or market risk (can you take it to market?), then choose validation and GTM accordingly.
• AI affects compliance/GRC in three ways at once: powering products, changing customer systems, and increasing external attack vectors — use AI to automate non-deterministic plumbing while keeping determinism for audit-critical facts.

Early failures → what kept them going

• Several initial ideas (job search aggregator, resume/job matching) didn’t convert into viable businesses because much hiring data lived offline/private.
• They persisted due to co-founder resilience, family support, and a belief they were “one step away” from the right idea.
• Signal that RecruiterBox might work: customers tolerated extremely primitive payment/UX (PayPal flow), which indicated strong underlying value.

RecruiterBox: traction and exit decisions

• Early signs of fit: users willing to endure friction to use the product — a strong heuristic for real demand.
• Growth: reached thousands of customers and several million ARR; sold when founders felt:
  • The company was “comfortable” and not scaling to the founders’ bigger ambitions.
  • They weren’t the best people to grow that business further; selling to a buyer who could scale it made sense.

Building SprintO — idea & validation

• Origin: repeated friction around compliance requests (SOC2, ISO, security questionnaires) while selling RecruiterBox to bigger customers.
• Validation approach:
  • Read The Mom Test; committed to not writing code until customer validation.
  • Ran ~15–20 customer interviews to crystallize problem, priorities, and who the essential stakeholders are (notably auditors).
  • One-at-a-time idea immersion: give each idea a week or so, create mockups, talk to people, then decide.

Productizing a services-heavy process (the audit trick)

• Core insight: to productize compliance (a services-driven market), they repeatedly ran audits (paid auditors) and improved tooling internally each time.
• Process:
  • Do the audits manually initially, then add spreadsheets and partial automations, then product features.
  • By the ~10th audit they had a repeatable, automated workflow and clear knowledge of what auditors require.
  • Mental test: if the only thing the auditor sees is a deterministic output, how much of the underlying process can be automated?
• Result: by the time of first beta customers, they could credibly claim deep auditor-facing knowledge and a product that met real audit needs.

Go-to-market and growth lessons

• Two GTM categories: harvesting demand (where customers already search) vs. creating demand (novel products people aren’t actively searching for).
• SprintO was in a demand-rich category — so they focused on being where prospects look:
  • VC perks / startup programs (discounts for VC-backed startups)
  • Founder/CTO Slack and community channels
  • Google presence (SEO + ads) for people googling how to answer security/compliance questions
• Experimentation: they tested ~20 channels; only 3 worked. Examples that didn’t work early: partnerships, conferences (may work later).
• Channel maturity matters: paid search gives quick feedback; partnerships can take months to mature — plan horizons accordingly.

How AI is impacting SprintO and GRC

• AI affects SprintO from three directions:
  1. Product-level: AI enables autonomous workflows and “fix-it” agents that can perform or suggest remediation steps rather than only surfacing issues.
  2. Customer-level: Customers are embedding AI/agents into their products and processes — new assets to govern and secure (agents, models, prompts).
  3. Threat-level: AI enables more sophisticated external attacks (phishing, impersonation), increasing GRC complexity.
• Guardrails and determinism:
  • Audit-critical facts must remain deterministic (e.g., “was database X encrypted? when was user access revoked?”).
  • AI is valuable for non-deterministic plumbing: surfacing commitments from contracts, automating fix steps under human supervision, aggregating obligations across sources.

Notable quotes

• “Everything that eventually needs to get audited needs to be deterministic.”
• “We didn’t want to build a services company. We wanted to build a product company.”
• “You have to take about 20 shots to make two or three of them work.”

Lightning round highlights

• Disagrees with blanket startup advice: context matters — e.g., “launch early” isn’t universally correct.
• Book recommendation: The Mom Test — for validating ideas before building.
• Productivity habit: daily blocked time for deep work.
• Future business interest: hyper-personalized education (K–adult), powered by AI.
• Fun fact: taught himself programming at age 28.

Practical action items for founders (from Girish’s playbook)

• Don’t code first: conduct 15–20 focused customer conversations to validate urgency and willingness to pay.
• Identify whether you face product or market risk and tailor validation accordingly.
• If you’re trying to productize a services problem, run the service repeatedly, document every step, and automate the repeatable pieces — consider paying experts (auditors/consultants) to observe and learn.
• Experiment broadly with GTM, but be prepared for many failures; double down on channels that show signal. Track time-to-maturity for each channel and plan layered investments.
• With AI: keep system-of-record determinism for audit facts; use AI to automate intermediate actions and surface hidden obligations (contracts, SLAs, insurer requirements).

Where to learn more / contact

• SprintO: sprinto.com (Girish contact: girish@sprinto.com)