Products and companies I've worked with firsthand and recommend without reservation.
An API-first security infrastructure that gives teams full programmable control over their stack. I built CelesTLSH as a LimaCharlie extension and deploy detection pipelines across client networks every day — it's the platform that makes Detection as Code practical at scale.
Visit LimaCharlieAgentless Linux security monitoring that works on every distro, kernel, and architecture I've thrown at it. No existing EDR comes close to Sandfly's depth of Linux detection — behavioral TTPs, SSH key auditing, and forensic collection without ever installing an agent.
Visit SandflyWhere I served on the DART Team, co-authored the original Detection as Code paper, and helped take down malicious domains through their brand monitoring service. A Charleston-based MDR with a genuinely client-first approach to security operations.
Visit Soteria