At Security Innovation (SI), we have a passion for application security and excellence that is pervasive throughout the organization. It manifests in the commitment to our customers, our commitment to each other and our drive for excellence in all we do. An integral part of our culture is a willingness to consider every way in which we can make our customers and our employees happy, productive, confident, and enriched.  As we’ve continue to grow, we felt it was important to explicitly define the core values from which we develop our culture, our brand, and our business strategies so that both new and existing employees could be reminded of them, embrace them, and help us shape them. 

This was the genesis for the corporate-values exercise we executed at SI.  What I loved most about it is that it was not initiated from our HR department, nor Marketing, nor even myself.  Rather, it was our CTO, Jason Taylor, who led the charge. Jason often finds himself at the intersection of the business, technical, back-office, and customer facing operations at SI; this gives him a unique perspective wherein he witnesses the combination of factors that make us so effective as a company first hand, every day. This is also something that Dinis Cruz, our lead TeamMentor Developer and resident web application expert, has been suggesting we do for a while.  Thanks again, Dinis.

We began by documenting what is important to us, what we value as a company and what defines SI.  It was fascinating to see how similar our values are across the various groups in the company, from our elite ethical hackers, to application risk consultants, to technical support, sales, finance, marketing, et al. While so very different in functional responsibilities, we all share a passion for our industry, a constant focus on excellence, an appreciation of the flexibility the company provides for a work-life balance, an inherent joy working in cross-functional teams, and an unwavering commitment to customer satisfaction. 

The statements below represent core Security Innovation values. These are the foundation on which we’ve built our success as a company, both in terms of delighted customers and happy long-term employees. We have an enviable track record of customer success, in which a majority of our business is repeat or word-of-mouth. We have an incredible record of employee satisfaction with extremely low turnover. As the company grows we want to hold onto that success and maintain the SI feeling that we all love.

External values are those that most directly affect our customers, how we interact with and provide value to our customers. The Internal values are those that most directly affect us as employees, how we interact with each other and maintain a high quality, professional environment and great work-life balance.

External Values

  • Everyone has the right to secure software
  • Everyone has the right to use a computer without fear
  • We focus on the fix
  • Development team education is a key means to achieving better security
  • Everyone can create secure software
  • Increased awareness of security risks and mitigations will result in a healthier software ecosystem
  • 3rd party assessments of software can be used to keep development teams honest with themselves and their users
  • We can add the most value when our customers see us as a trusted advisor to improve security long term
  • We believe in measuring and holding ourselves accountable to customer satisfaction in our services and products
  • We honor our customer’s expectations regarding ethics and good conduct
  • We respect our customer’s right to privacy and do not share or publish sensitive information without consent
  • We follow the best-practices that we recommend, especially when it involves transmission or storage of sensitive customer information

Internal Values

  • We empower our employees to learn and develop their skills
  • We create an environment of trust and open communication among all members of the organization
  • We focus on results, trusting our employees to work in the ways that are most effective for them
  • We create a flexible, rewarding work environment that supports a high quality of life for our employees
  • We believe in trustworthiness with our employees and with our customers and hold ourselves to the highest ethical standards in order to meet that goal

As the CEO of a company that specializes in software and embedded security, one of the most important industries today, there’s an intensity and energy that cannot be ignored. Customers are on edge worrying about a data breach or being out of compliance while hackers are constantly scouring websites and applications for weak spots. Those of us who are defending valuable assets are battling an asymmetric war, an adversary only needs to find a single vulnerability whereas we have to protect the entire attack surface. This only fuels our desire to continue exceeding customer expectations while we push the limits of what’s possible in application security services and education.