I am co-founder of the Berryville Institute of Machine Learning (BIML) where our focus is on security engineering of machine learning solutions.
After 23 years working as a senior executive and Board member at Cigital/Synopsys, I resigned January 4, 2019. Read my official statement here: https://apothecaryshed.com/2018/12/11/leaving-cigital-synopsys-after-23-years/.
I remain a fiercely independent participant in the software security conversation. I serve as a Technical Advisor and Board member to forward-thinking firms (see below). I continue to collect data, make measurements, and do science.
I advise the following companies.
Irius Risk, Chair, Technical Advisory Board
Irius Risk automates threat modeling for secure design at scale.
Legit Security, Chair, Technical Advisory Board
Legit Security secures enterprise SDLCs, protecting pipelines, infrastructure, code and people with an integrated solution.
Maxmyinterest, Board of Advisors
Max is an intelligent cash management solution that helps you earn more on FDIC-insured bank deposits, automatically.
Red Sift, Chair, Technical Advisory Board
Red Sift technology blocks outbound phishing attacks, analyzes inbound emails, and provides domain impersonation defense.
Vaultree, Technical Advisory Board
Vaultree is working in the area of applied fully homomorphic encryption for “data in use” situations.
Active Investments (gemvest, LLC)
Calypso AI
Calypso AI builds technology for trusted AI, focused on machine learning testing, validation, and monitoring.
Protopia AI
Protopia AI is the industry’s first software-only solution that enables Responsible AI at the data level.
Secure Code Warrior
Secure Code Warrior helps developers secure code faster through engaging training and advanced technology. I founded and chaired the SCW Technical Advisory Board for five years until it was disbanded in 2023.
Six Trees Capital
Six Trees Capital, LLC is the founding investor firm of Maxmyinterest, intelligent cash management. I am a member of the Maxmyinterest Board of Advisors.
LLR
LLR is a private equity firm investing in mid-stage technology companies. LLR invested in Cigital during its pre-acquisition rapid growth stage and has an active security portfolio.
Ntrepid
Ntrepid is a private corporation creating advanced security technology.
Ravenwhite Security
Ravenwhite Security is a technology provider fighting phishing and pharming.
RunSafe Security
RunSafe invents and sells cyberhardening technology for vulnerable embedded systems and devices.
Selected Past Boards
Code DX (acquired by Synopsys), Chair, Technical Advisory Board
Code DX was purchased by Synopsys in June 2021. Synopsys Software Integrity Group spun off as Black Duck in 2024.
Cigital (acquired by Synopsys), Board of Directors
Cigital was purchased by Synopsys in November 2016. Synopsys Software Integrity Group spun off as Black Duck in 2024.
Codiscope (acquired by Synopsys), Board of Directors
Codiscope was purchased by Synopsys in November 2016. Synopsys Software Integrity Group spun off as Black Duck in 2024.
Invotas (acquired by FireEye), Board of Advisors to CSG
Invotas was purchased by FireEye in 2016.
Dasient (acquired by Twitter), Technical Advisory Board
Dasient was purchased by Twitter in 2012.
Fortify Software (acquired by HP), Chair, Technical Advisory Board
Fortify was purchased by HP in 2010. Read the story of a successful technology transfer from Cigital Labs through Kleiner-Perkins to HP.
Counterpane Internet Security (acquired by BT), Technical Advisory Board
Counterpane was purchased by BT in 2006.
Authentica (acquired by EMC), Technical Advisory Board
Authentica was purchased by EMC in 2006.
Indigo Security (acquired by Tablus), Technical Advisory Board
Indigo Security was purchased by Tablus in 2004.