Values Statement

Below are some value statements which we use to guide our interactions, views, and long term planning. We believe each statement is critical to the success of our organization and our consulting engagements.


Security that says no is security which does no one any favors. Our role is to understand your business, inform on risk, and help accelerate engineering quality and confidence.

Risk Is A Shared Responsibility

As mentioned above, one of our roles in to inform on risk. We provide unbiased, well documented reasoning. We provide acceptable alternatives when risks are deemed unacceptable to your business.

We follow evidence-based industry best practices.

We document big decisions, who made them, when, and under what risk mitigation rationale.


In order to maximize the value of our engagements, we put top value on communication, expectation setting, planning, and alignment on solutions.

Automate All The Things

If something is worth doing twice, it’s worth automating.

Embracing the DevOps mindset, we seek full automation of testing and deployment related activities. Reporting, analytics, and parts of security can be automated for maximum value.

Make Data-Driven Decisions

Any change that is worth making is worth measuring.

Success is defined through creating goals, collecting analytics, and following the data. We can make assumptions, particularly when the problem or data is not well understood, but those assumptions eventually need data to back up any conclusions.

Communicate With Empathy

More than any other process optimization method, empathetic communication with a focus on listening and understanding, can accelerate team cohesiveness and productivity. Proactive communication saves time and drives alignment between colleagues.