Lithuania · B2B SaaS + cybersecurity
Lithuanian SaaS sells in English, ships under NIS2 and VDAI.
Nord Security at USD 3B, Tesonet group at EUR 1B+ in 2024, Hostinger past USD 100M monthly revenue, nexos.ai at a EUR 30M Series A in October 2025 — Vilnius has built Europe's densest cybersecurity export cluster outside Israel. The second tier (Whatagraph, CGTrader, Eneba, Kilo Health, Mintos) buys the same global AI stack but is materially under-cited in AI overview answers. The Lithuanian Cybersecurity Act came into force 18 October 2024; the VDAI Vinted EUR 2.385M fine reset procurement defaults. Apie Arezą — we ship the bilingual EN-LT site, the EU-resident workflows, and the AI-search content that closes that citation gap.
Book a Lithuania SaaS strategy call-
~USD 3B
Nord Security valuation (second round)
Source: PitchBook + Vilnius Tech Fusion 2023 — USD 100M round nearly doubling the April 2022 USD 1.6B unicorn mark
-
EUR 1B+
Tesonet group revenue 2024 (3,500+ staff)
Source: LRT 2025 Tesonet investments interview — parent of Hostinger, Oxylabs, Decodo, CyberCare, nexos.ai
-
USD 100M / +57% YoY 2023
Hostinger monthly revenue Nov 2024 (~3M paying customers)
Source: GetLatka + Hostinger 2023 financial results — EUR 110.2M revenue base, AI website-builder attributed
-
EUR 30M · SOC 2 + ISO 27001 + 200+ models
nexos.ai Series A (Oct 2025, EU-hosted)
Source: TechCrunch + Nord Security press 2025 — Index Ventures USD 8M seed Jan 2025, EUR 30M Series A Oct 2025
-
EUR 2,385,276 · July 2024
VDAI Vinted fine (cross-border EDPB precedent)
Source: EDPB enforcement digest 2024 — Article 17 + Article 5 'shadow blocking' on French / Polish supervisory complaints
-
18 October 2024 · NIS2 transposition
Lithuanian Cybersecurity Act in force
Source: European Commission NIS2 country page + Advisera 2024 — 1,443 essential/important entities registered with NCSC by April 2025
AI landscape
The named tools shaping B2B SaaS + cybersecurity in Lithuania.
-
GitHub Copilot + Cursor
Default IDE pair for Nord, Hostinger, Oxylabs engineering teams; Cursor adoption climbing through 2025-2026 under the same SOC 2 + ISO 27001 source-code-exfiltration controls Nord and Tesonet already enforce on Copilot.
-
HubSpot + Pipedrive + Apollo + Clay
HubSpot dominates marketing + RevOps; Pipedrive (Estonian-origin EU defaults) carries unusually heavy CEE adoption in Lithuanian SMB. Apollo + Clay run outbound across the Vilnius mid-market. All four operate cleanly under VDAI when EU data residency is enforced at the API layer.
-
DeepL + Writer
DeepL is the default EN ↔ LT ↔ DE ↔ PL translation layer, heavier than Google Translate across the Tesonet portfolio. Writer covers brand-style enforcement for global B2B copy on Whatagraph, CGTrader, and the NordLayer marketing surface.
-
Synerise + Tidio + Intercom Fin
Synerise (Wrocław-built behavioural CDP) is the CEE benchmark for Lithuanian DTC scaleups. Tidio (also Polish-built) covers SMB chat with heavy LT footprint. Intercom Fin and Zendesk AI dominate mid-market support deflection at Nord, Hostinger, and Kilo Health.
-
Whatagraph + Kilo Health internal AI
Lithuanian-built AI-augmented stack inside the niche itself. Whatagraph repositioned as AI-first marketing reporting (USD 3.7M ARR, 2,500 customers in 2024). Kilo Health runs internal digital-health AI on its DTC subscription base post-restructuring.
-
Darktrace + SentinelOne + CrowdStrike + Vectra
The named enterprise-cyber AI tools in NordLayer's competitive set. Lithuanian cyber buyers — KAS DGSL, NCSC-aligned essential entities, regulated EMIs — evaluate these four against EU-resident alternatives every renewal.
Nord-orbit landscape
Who actually operates in the Vilnius B2B SaaS + cyber cluster.
Nord Security is the anchor. Founded 2012 by Tomas Okmanas and Eimantas Sabaliauskas, bootstrapped until April 2022 when Novator Ventures led the first outside round at USD 1.6B, then nearly doubled to ~USD 3B in September 2023 on a second USD 100M round (PitchBook; Vilnius Tech Fusion). The portfolio spans NordVPN, NordPass, NordLayer (B2B zero-trust), NordLocker, and Surfshark after the February 2022 combination. Headcount sits around 3,000 across Vilnius, Kaunas, and remote-EU hubs.
Tesonet is the venture builder behind the anchor. Co-founded by the same pair in 2008, Tesonet group revenue exceeded EUR 1B in 2024 across 3,500+ people (LRT 2025 interview). The holding spun out or seeded Nord Security, Hostinger, Oxylabs, Surfshark, Decodo (formerly Smartproxy), Mediatech, CyberCare, and nexos.ai. Oxylabs alone runs 428 staff on a web-data / proxy / scraping SaaS and is a three-year Financial Times top-growing company.
Hostinger sits in Kaunas, not Vilnius. It crossed USD 100M monthly revenue in November 2024 with ~3M paying customers across 150+ countries, on a base of EUR 110.2M in 2023 — a 57% year-over-year jump attributed publicly to AI website-builder features (GetLatka; Hostinger 2023 results). ~900 staff makes it the second-largest Lithuanian software-export brand by revenue after Vinted.
nexos.ai is the strategically interesting newcomer. Founded inside Tesonet in 2024 by Okmanas and Sabaliauskas, left stealth January 2025 with USD 8M from Index Ventures, closed a EUR 30M Series A in October 2025 (TechCrunch; Nord Security press). It is an enterprise AI orchestration layer brokering 200+ models behind one GDPR-compliant, SOC 2 Type 1 + ISO 27001 interface hosted in Europe. Areza's Knowledge Bot and Workflow Ops sit upstream of nexos.ai infra, not competitive with it.
The second tier carries the rest of the niche. CGTrader (Vilnius 3D-model marketplace, USD 9.5M Series B 2021, now investing in AI 3D modelling and QA). Whatagraph (Vilnius + Klaipėda marketing-reporting SaaS, USD 3.7M ARR / 2,500 customers in 2024, repositioned as AI-first). Trafi (Vilnius MaaS, acquired by Enghouse Transportation April 2025 after powering Berlin BVG Jelbi, Brussels STIB, Munich MVG, Zurich SBB).
Eneba (Vilnius gaming-key marketplace, EUR 10M from ILTE November 2025, Riot Games and Garena deals September 2024). Kilo Health (digital-health subscription operator, EUR 11M EBITDA in 2024 after 100+ layoffs and a CEO reset, targeting EUR 1B in 3-5 years). Mintos (Latvian-HQ but Lithuanian licensed, 500,000+ users and EUR 700M+ AUM end-2024).
Operational reality
What a 100-2,000 FTE Vilnius scaleup actually looks like.
Team shape clusters by tier. Nord Security ~3,000 across Vilnius, Kaunas, and remote-EU hubs. Tesonet group ~3,500. Hostinger ~900. Oxylabs ~428. Second-tier firms — Whatagraph, CGTrader, Trafi pre-acquisition, Eneba — sit in the 50-250 FTE band. The shape Areza sells into most often is the 100-500 FTE scaleup with a marketing team under ten people, a single growth lead, and no in-house AI-search competence yet.
English-default plus multilingual marketing. Onboarding decks, internal Slack, customer-facing product copy — all English. Lithuanian survives in HR, finance, and government-facing legal work. NordVPN, Surfshark, and NordPass ship in 30+ languages with the Lithuanian translation often arriving late.
Hostinger publishes in 25+ languages with Lithuanian as one of the smaller surfaces. B2B brands (NordLayer, Oxylabs, Whatagraph) default to English-only with a Lithuanian footer. Russian remains relevant for support cohorts serving the Baltic Russian-speaking minority and selected CEE markets.
Vilnius primary, Kaunas secondary, Klaipėda specialist. Vilnius is the engineering and GTM gravity well. Kaunas is Hostinger HQ plus Evolution Gaming's 900+ engineers. Klaipėda hosts Whatagraph development.
Defence spending at ~4% of GDP — rising to 5-6% by 2026 — is reshaping the Vilnius cyber labour market; the KAS DGSL recruits aggressively from the same pool as Nord and Tesonet, and the post-2022 Ukraine war pulled EU cybersecurity demand upward, with Lithuanian export firms publicly aligned to NATO procurement.
Sales cycles compress versus DACH. A Lithuanian B2B SaaS buyer is faster than DACH and slower than the US. Mid-market deals close in 2-4 months; enterprise cybersecurity procurement runs 6-9 months once SOC 2 responses, DPIA documentation, and EU AI Act preparedness statements are required. Decision-makers expect a video kickoff and one Vilnius in-person before signing — the city is small enough that a coffee in Užupis is rarely declined.
Areza service mapping
Where each service lands inside a Vilnius scaleup.
Foundation — a bilingual EN-LT SaaS site engineered to convert two buyers at once. The global SaaS / cyber prospect evaluates an EU-resident vendor in English; the Lithuanian enterprise procurement reader expects native-grammar copy with a signed DPA download.
Dual EUR pricing (international Stripe plus Lithuanian VAT-correct invoicing), VDAI-correct cookie posture, hreflang wired between `lt-LT` and `en`, explicit EU data-residency disclosures, Organization plus SoftwareApplication plus FAQPage schema in both languages. The `apie X` accusative rule is pre-declined across templates — apie Arezą, su Areza, Arezos paslaugos — not paraphrased after the fact.
AI Search — getting cited in ChatGPT, Perplexity, and Google AI Overviews for the second-tier query set. 'Best VPN 2026' and 'best password manager 2026' are Nord-saturated and not worth fighting.
The winnable queries: 'best EU-resident SaaS reporting tool', 'GDPR-compliant marketing analytics Lithuania', 'best cybersecurity tools for Lithuanian SMB', 'B2B cybersecurity comparison 2026', 'Lithuanian alternatives to Zapier'. The Lithuanian-language equivalents — geriausi rinkodaros įrankiai 2026, kibernetinis saugumas SMĮ — carry lower volume but materially higher conversion when written natively.
Voice Agent — bilingual SDR augmentation plus tier-1 support deflection. English-first outbound on global SaaS prospects, Lithuanian-first inbound on Lithuanian SMB, optional Russian for the Baltic minority cohort.
EU-resident voice infra, VDAI-aware call logging with explicit consent capture. Password reset, billing, T&C lookups are the canonical inbound use cases; the pattern follows the Klarna lesson — deploy AI for deflection volume, keep human escalation paths intact, measure quality not just throughput.
Workflow Ops — the EU-resident automation play. Many Vilnius scaleups still run Zapier with US data residency, survivable for SMB and a procurement-rejection signal once the buyer ships to a Bank of Lithuania-licensed EMI, a NIS2-essential entity, or a public-sector tender. Migration to n8n on Frankfurt or Vilnius-resident infra is a 4-6 week deliverable. It pairs naturally with a nexos.ai orchestration layer for the LLM-call side.
Knowledge Bot — trained on bilingual product docs plus a GDPR / VDAI / NIS2 response library plus the support archive. Lithuanian-grammar-aware, with brand and noun pre-declension, sitting between L1 support and the agent team. Load-bearing for fintech-adjacent SaaS, healthtech, and cybersecurity tenants whose support volume scales faster than headcount budgets.
Growth Stack — full-funnel for cross-EU expansion: paid plus organic plus content plus AI-search visibility on one dashboard, with Lithuanian, English, and a second EU language (Polish, German, or Estonian) treated as distinct creative pipelines rather than translations.
Regulatory + cultural
VDAI, NIS2, the Lithuanian Cybersecurity Act, AI Act — five regimes, one buying motion.
GDPR + VDAI enforcement is the procurement filter. The Valstybinė duomenų apsaugos inspekcija fined Vinted EUR 2,385,276 on 2 July 2024 for Article 17 right-to-erasure failures and Article 5 'shadow blocking' violations, on a complaint chain forwarded by French and Polish supervisory authorities — a cross-border precedent the EDPB published in its 2024 enforcement digest.
Any Areza deployment touching personal data needs a DPIA-ready data flow, especially when LLM vendors process EU data outside the EEA.
NIS2 plus the Kibernetinio saugumo įstatymas. The new Lithuanian Cybersecurity Act came into force on 18 October 2024, transposing NIS2 and replacing the 2018 regime; the recast implementation resolution followed on 12 November 2024 (European Commission NIS2 country page; Advisera).
The Lithuanian NCSC registered 1,443 essential and important entities by ~17 April 2025, with organisational measures required within 12 months and technical measures within 24. The NordLayer B2B buyer is now mandated to deploy an incident-response plan and a designated cybersecurity officer; Areza's Knowledge Bot and Workflow Ops fit cleanly into the supplier-side compliance posture.
EU AI Act. Annex III high-risk applies to AI in employment screening, creditworthiness scoring, and access to essential services. The 2 August 2026 compliance deadline holds under the current Council / Parliament push toward 2 December 2027 for standalone systems. Article 50 transparency applies to any SaaS feature that produces synthetic content or interacts as a chatbot — Areza's Voice Agent and Knowledge Bot deployments need explicit AI-disclosure copy in both EN and LT, not just one.
EU Cybersecurity Act plus CE marking. Cybersecurity products sold into EU public-sector and essential-entity buyers are increasingly tested against the EUCC scheme and ENISA expectations. SOC 2 and ISO 27001 are baseline; the EU certification stack is the next bar. Bank of Lithuania EMI / PI rules, DORA from 17 January 2025 for financial entities and their critical ICT providers, and ePrivacy plus the Lithuanian Electronic Communications Law layer on top.
Lithuanian morphology is hard and procurement-visible. apie X requires accusative case — apie Arezą, never apie Areza. Hardcoded `apie {variable}` templates break Lithuanian grammar everywhere the variable lands. Translation tools that ignore noun declension produce uncited slop the VLKK (State Lithuanian Language Commission) treats as Lithuanian-language-mark violations. Areza pre-declines brand and noun forms in templates, schema, and AI-generated paragraphs.
Search + AI citation gap
Where the Nord-orbit second tier goes invisible.
Current ChatGPT, Perplexity, and Google AI Overviews answers to 'best VPN' / 'best password manager' / 'best cybersecurity tools 2026' are dominated by NordVPN, NordPass, Surfshark, ExpressVPN, 1Password, and Bitwarden. Nord lineage means real branded competition in the answer box — Areza will not break in there, and trying is the wrong fight.
The under-served query set is where the wedge sits. 'EU-resident reporting SaaS for marketing agencies' — Whatagraph rarely surfaces in EN AI answers; Polish, German, and US-built alternatives dominate. 'GDPR-compliant CRM for Lithuanian SMB' — Pipedrive shows as the CEE token; Lithuanian-context content is near-zero.
'AI marketing tools for Lithuanian B2B' — US-default lists, no local-language sourcing. 'Best cybersecurity tools for Lithuanian SMB' — Nord-orbit dominates the consumer-VPN slice; the SMB-cyber-toolkit query is open. 'Lithuanian B2B SaaS comparison' — long-tail vendor-comparison content is structurally missing.
The Lithuanian-language equivalents carry lower search volume but materially higher conversion when written natively. The volume math forces a long-tail plus GEO citation strategy over a keyword-volume strategy — a structural advantage for Areza if the content engine ships sourced, structured, case-rich copy with correct Lithuanian grammar.
A procurement buyer asking ChatGPT for 'Lithuanian alternatives to Zapier' or 'EU-resident workflow automation' gets a near-empty answer; Areza's content engine produces those answers and gets them cited.
Case studies
Public patterns in B2B SaaS + cybersecurity that inform the Areza wedge.
-
Nord Security — the bootstrapped-to-USD-3B trajectory every Vilnius founder cites
Nord Security stayed bootstrapped from 2012 to April 2022 — a full decade before taking outside capital. Novator Ventures led the first round at USD 1.6B; the September 2023 USD 100M round nearly doubled the valuation to ~USD 3B (PitchBook; Vilnius Tech Fusion; Fortune). The Surfshark combination in February 2022 consolidated the consumer-VPN market under one EU-resident operator. The lesson Vilnius scaleups read off this trajectory is concrete: a Lithuanian B2C / B2B hybrid can scale to billions on bootstrapped fundamentals, with SOC 2 + ISO 27001 + EU residency as the procurement-table moat. Areza positions opposite Nord, not against it — the Foundation plus AI Search bundle is structured for the 100-500 FTE second tier that needs to look procurement-credible without a Tesonet-scale internal compliance team.
-
Hostinger — global expansion attributed to AI website-builder features
Hostinger crossed USD 100M monthly revenue in November 2024 with ~3M paying customers across 150+ countries, on a EUR 110.2M 2023 base — a 57% YoY jump (GetLatka; Hostinger 2023 results; TNW). Management attributed the growth publicly to AI website-builder features. The operational signal for Areza prospects: AI features inside the product (not as a marketing veneer) compound retention and average revenue per user in a way that pure traffic acquisition does not. A Series A-B Vilnius SaaS that ships AI-native features and gets cited in AI overviews for the relevant category queries captures the same compounding flywheel at a smaller scale.
-
Kilo Health — the digital-health subscription DTC restructure
Kilo Health hit EUR 11M EBITDA in 2024 after a 100+ headcount reduction and a CEO reset, with stated targets at EUR 1B revenue inside 3-5 years (Sifted). The operational lesson is the opposite of the Nord trajectory — a subscription DTC operator that scaled fast, hit a margin wall, restructured, and is now rebuilding on tighter unit economics. Areza's AI Search plus Voice Agent bundle is well-fit for this profile: AI-search citations compound at near-zero marginal cost, and a multilingual Voice Agent removes one to two FTE of manual triage at the customer-support layer.
-
Whatagraph — Lithuanian-built marketing reporting AI
Whatagraph hit USD 3.7M ARR with 2,500 customers in 2024 on USD 9.6M raised, repositioned as AI-first marketing reporting (GetLatka). Vilnius plus Klaipėda plus Amsterdam shape mirrors the typical Areza prospect — 50-150 FTE, English-default GTM, mid-market US plus EU customer base. The AI-search gap is visible: Whatagraph rarely surfaces in EN AI overview answers for 'EU-resident reporting SaaS for marketing agencies'. Polish, German, and US-built alternatives dominate the citation set despite Whatagraph being the only operator in the slot that is built and hosted in the EU.
-
CGTrader — 3D-model marketplace with AI quality control
CGTrader closed a USD 9.5M Series B in 2021 led by Evli Growth Partners, now investing in AI 3D-modelling and QA (EU-Startups). The marketplace shape — enterprise plus indie creator dual-sided — is structurally similar to Eneba (gaming keys) and Pigu (Baltic e-commerce). The AI-search wedge for marketplaces is category-query citation: 'best 3D model marketplace for game studios', 'GDPR-compliant 3D asset library Europe'. These queries return US-defaults; CGTrader is materially under-cited despite owning the EU-resident slot in the category.
-
Eneba — Vilnius gaming-key marketplace, EUR 10M ILTE, Riot and Garena deals
Eneba received EUR 10M from ILTE (the Lithuanian state investment vehicle) in November 2025, on the back of Riot Games and Garena distribution deals signed in September 2024 (Baltic VC). The procurement signal: a Vilnius marketplace can win Tier-1 game-publisher distribution by proving SOC 2 / KYC / EU-resident infrastructure plus a clean fraud track record. AI-search relevance for Eneba is dual — consumer queries ('best place to buy game keys 2026') sit alongside the publisher-facing B2B queries ('EU-resident gaming key distribution partner'). Areza's content engine can serve both layers from one bilingual content surface.
Let's build the foundation your business actually deserves.
Frequently asked
-
Do I need a Lithuanian-language site if my SaaS sells globally?
Depends on the buyer mix. If revenue is 90%+ from outside Lithuania (Nord, Hostinger, Oxylabs pattern), English-default with a Lithuanian footer plus a localised privacy / DPA / cookie page is enough. If you sell into Lithuanian enterprise, EMI, public-sector, or NIS2-essential buyers, you need bilingual EN-LT with native-grammar Lithuanian copy on procurement-facing pages — the `apie X` accusative rule, declined brand forms (apie Arezą), and a Lithuanian-language DPA download. Procurement readers screen for it. We ship bilingual by default and let the buyer mix decide which surface is primary.
-
How does VDAI plus NIS2 plus the Lithuanian Cybersecurity Act change my GTM stack choice?
Concretely: tools that ship Meta Pixel or Google Pixel by default without explicit consent gating need reconfiguration or replacement. The VDAI Vinted EUR 2.385M fine in July 2024 set the precedent — Lithuanian DPOs explicitly check vendor cookie behaviour during procurement. The 18 October 2024 Lithuanian Cybersecurity Act registered 1,443 essential and important entities with the NCSC by April 2025; each one is now mandated to deploy an incident-response plan and a designated cybersecurity officer. Vendors that cannot answer 'where is the data, who has it, how do I get it deleted' in under five minutes get filtered. Areza configures Consent Mode v2 with all-denied defaults, EU-resident data, signed DPAs at engagement start, and Lithuanian-language assets standard.
-
Is EU data residency really a blocker for US-built tools in Lithuanian SaaS?
It depends which layer. Code AI (Copilot, Cursor) operates fine under existing SOC 2 / ISO 27001 controls already enforced at Nord, Hostinger, and Oxylabs — the source-code-exfiltration question is solved by enterprise plans plus EDR. CRM, support, and workflow automation are different. A Lithuanian-licensed EMI, a NIS2-essential entity, or a public-sector buyer increasingly requires EU-resident processing for personal data. The pattern Areza ships is migration from US-resident Zapier to EU-resident n8n on Frankfurt or Vilnius infra, with a nexos.ai orchestration layer for the LLM-call side. The migration is 4-6 weeks; the procurement upside is immediate.
-
When does an AI-search budget actually start to matter for a Lithuanian SaaS?
Series A is the inflection. Below that, the bottleneck is product-market fit, not citation. From Series A onward — when the buyer journey involves 3+ stakeholders and a 30+ day evaluation cycle — your absence from ChatGPT, Perplexity, and Google AI Overviews answers materially compresses pipeline. For the Nord-orbit second tier (Whatagraph, CGTrader, Eneba shape), this typically hits at ~50-100 paying customers and EUR 500K-1M ARR. The Lithuanian-context citation gap is structurally wider than the Swedish or German equivalent, which is why early movers compound faster.
-
Should I hire an in-house growth team or work with Areza?
The honest answer is augmentation, not replacement. A mature in-house growth team owns brand, paid, and lifecycle; Areza ships AI-search infrastructure (schema, AI-overview-friendly content, programmatic content per category × country) that the in-house team measures and iterates. For a 100-500 FTE Vilnius scaleup without an AI-search lead yet, the typical engagement is a 6-month retainer with 2-3 cross-team check-ins per month, transitioning to internal ownership in months 7-12 once the playbook is documented. For under-100-FTE pre-Series-A teams, Areza often replaces the growth function entirely for the first 18 months.
-
Vilnius hires versus international hires — what does the talent gravity actually look like?
Vilnius is the primary engineering and GTM gravity well; Kaunas is the Hostinger / Evolution Gaming secondary; Klaipėda hosts Whatagraph development. Defense spending at ~4% of GDP rising to 5-6% by 2026 is reshaping the Vilnius cyber labour market — the KAS DGSL recruits from the same pool as Nord and Tesonet. Senior product engineers and security engineers are scarce; international remote hires (Berlin, Warsaw, Lisbon) close the gap at the senior level. Areza-shaped work (AI-search content, schema engineering, bilingual copy, voice-agent prompts) is structurally remote-first and rarely competes with Vilnius engineering hires for headcount budget.
Where to start
Services that fit B2B SaaS + cybersecurity in Lithuania.
- AI Search
Nord-orbit second tier is materially under-cited in AI overviews for the winnable query set — 'EU-resident reporting SaaS', 'GDPR-compliant CRM Lithuanian SMB', 'best cybersecurity tools for Lithuanian SMB'. First-mover citation advantage compounds.
- Foundation
Bilingual EN-LT conversion-first build in 2-4 weeks. Lithuanian morphology pre-declined (apie Arezą), VDAI-correct cookie posture, Bank of Lithuania / NIS2 / DPA trust surfaces wired in by default.
- Workflow Ops
EU-resident n8n migration off US-Zapier — required once you sell to Bank of Lithuania-licensed EMIs, NIS2-essential entities, or public-sector tenders. Pairs naturally with a nexos.ai orchestration layer.
- Knowledge Bot
Bilingual product docs plus GDPR / VDAI / NIS2 response library plus support archive. Lithuanian-grammar-aware with brand and noun pre-declension. Load-bearing for fintech-adjacent SaaS and cybersecurity tenants.
Further reading
Operator-perspective writing.
Reviewed by Nikita Janockin, Founder · Last updated 17 May 2026
Sources (6) →
- PitchBook + Vilnius Tech Fusion 2023 — USD 100M round nearly doubling the April 2022 USD 1.6B unicorn mark
- LRT 2025 Tesonet investments interview — parent of Hostinger, Oxylabs, Decodo, CyberCare, nexos.ai
- GetLatka + Hostinger 2023 financial results — EUR 110.2M revenue base, AI website-builder attributed
- TechCrunch + Nord Security press 2025 — Index Ventures USD 8M seed Jan 2025, EUR 30M Series A Oct 2025
- EDPB enforcement digest 2024 — Article 17 + Article 5 'shadow blocking' on French / Polish supervisory complaints
- European Commission NIS2 country page + Advisera 2024 — 1,443 essential/important entities registered with NCSC by April 2025