About KonaSense
People first AI security for how work actually gets done.
KonaSense was created to solve a simple problem that became a massive risk: employees are using AI everywhere, and security teams cannot see it, control it, or prove compliance.
Our Story
Most companies govern AI with policies, training, and approved tools. That helps, but it is not enough. Real exposure comes from everyday behavior: pasting customer data into chatbots, dropping code into LLMs to debug faster, uploading contracts to AI, or using extensions that route prompts through untrusted services. None of it is malicious. It is people trying to move faster. AI removed the security perimeter; data can leave in seconds. We stopped treating AI security as a tool problem and started treating it as a human workflow problem.
Rafael and Felipe have known each other since they were 14, from the dial-up era and IRC rooms of the old-school hacking scene. Felipe went on to lead the ModSecurity project for many years, one of the world's most used open-source WAFs. Lincoln founded one of the largest cybersecurity consulting companies in Brazil, and they worked together there before each pursuing their own path. Rafael later returned to Tempest with El Pescador; together with Lincoln, they sold it to KnowBe4. Lincoln later sold Tempest to Embraer. That shared history of trust, execution, and a long view of security is what brought us back together to build KonaSense.
KonaSense delivers visibility, control, and protection across every AI interaction: browser, desktop, copilots, and agentic systems. We enforce policy in the moment with allow, block, redact, and coach, so risky behavior is stopped before sensitive data leaves your environment.
What We Believe
Principles that guide how we build and deploy KonaSense.
Humans are the control plane
AI risk lives in human actions: prompts, uploads, copy and paste, and approvals.
Visibility everywhere, not just approved tools
Shadow AI, personal accounts, extensions, and copilots must be measurable.
Real time guardrails beat after-the-fact reviews
Enforce policy at the moment of use with coaching and automatic protection.
Security that helps productivity
The best security is the one people can use every day without friction.
Leadership Team
The founders behind KonaSense.
Founder & CEO
Rafael is a repeat cybersecurity founder with over 20 years of experience building, shipping, and scaling security products. He founded El Pescador, later acquired by KnowBe4, and has operated at the intersection of product, security operations, and enterprise go-to-market. Rafael brings deep expertise in SaaS, threat detection, and building security platforms that work in the real world. He now leads KonaSense as founding CEO, owning vision, strategy, and execution.
Founder & CTO
Felipe Zimmerle is a PhD computer scientist specializing in AI and machine learning security. He led the ModSecurity project for many years, one of the world's most used open-source WAFs, and is the lead architect behind the modern ModSecurity engine, including the libModSecurity rewrite. As CTO and Founder, Felipe leads KonaSense architecture, engineering, and the AI powered detection and enforcement layer that protects employee AI behavior.
Founder & Investor
Cristiano Lincoln founded Tempest Security Intelligence and helped build it into a leading cybersecurity company in Latin America. Through Tempest, he backed and scaled multiple ventures, including AllowMe and El Pescador. After his exit to Embraer, he shifted to strategic investing, leveraging his network and operator experience to accelerate category-defining security companies. At KonaSense, Cristiano is a founder and investor providing capital, strategic insight, and growth support.
Coming Soon
New team member
Human behavior is the new security perimeter.
AI is changing how work gets done. The risk is not the model. It is what happens in the moment: what people paste, click, approve, or automate. KonaSense helps teams adopt AI with confidence by detecting risky behavior and responding instantly with coaching, redaction, or blocking.