I am co-founder of the Berryville Institute of Machine Learning (BIML), where our focus is on security engineering of machine learning solutions.

After 23 years working as a senior executive and Board member at Cigital/Synopsys, I resigned January 4, 2019.  Read my official statement here: https://apothecaryshed.com/2018/12/11/leaving-cigital-synopsys-after-23-years/.

I remain a fiercely independent participant in the software security conversation. I serve as a Technical Advisor and Board member to forward-thinking firms (see below). I continue to collect data, make measurements, and do science.

I advise the following companies.

Calypso AI, Chair, Technical Advisory Board

Calypso AI builds technology for trusted AI, focused on machine learning testing, validation, and monitoring.

Irius Risk, Chair, Technical Advisory Board

Irius Risk automates threat modeling for secure design at scale.

Legit Security, Chair, Technical Advisory Board

Legit Security secures enterprise SDLCs, protecting pipelines, infrastructure, code and people with an integrated solution.

Maxmyinterest, Board of Advisors

Max is an intelligent cash management solution that helps you earn more on FDIC-insured bank deposits, automatically.

Red Sift, Chair, Technical Advisory Board

Red Sift technology blocks outbound phishing attacks, analyzes inbound emails, and provides domain impersonation defense.


Active Investments (gemvest, LLC)

Protopia AI

Protopia AI is the industry’s first software-only solution that enables Responsible AI at the data level.

Secure Code Warrior

Secure Code Warrior helps developers secure code faster through engaging training and advanced technology.  I founded and chaired the SCW Technical Advisory Board for five years until it was disbanded in 2023.

Six Trees Capital

Six Trees Capital, LLC is the founding investor firm of Maxmyinterest, intelligent cash management.  I am a member of the Maxmyinterest Board of Advisors.


LLR is a private equity firm investing in mid-stage technology companies.  LLR invested in Cigital during its pre-acquisition rapid growth stage and has an active security portfolio.


Ntrepid is a private corporation creating advanced security technology.

Ravenwhite Security

Ravenwhite Security is a technology provider fighting phishing and pharming.

RunSafe Security

RunSafe invents and sells cyberhardening technology for vulnerable embedded systems and devices.

Selected Past Boards

Code DX (acquired by Synopsys), Chair, Technical Advisory Board

Code DX was purchased by Synopsys in June 2021.

Cigital (acquired by Synopsys), Board of Directors

Cigital was purchased by Synopsys in November 2016.

Codiscope (acquired by Synopsys), Board of Directors

Codiscope was purchased by Synopsys in November 2016.

Invotas (acquired by FireEye), Board of Advisors to CSG

Invotas was purchased by FireEye in 2016.

Dasient (acquired by Twitter), Technical Advisory Board

Dasient was purchased by Twitter in 2012.

Fortify Software (acquired by HP), Chair, Technical Advisory Board

Fortify was purchased by HP in 2010. Read the story of a successful technology transfer from Cigital Labs through Kleiner-Perkins to HP.

Counterpane Internet Security (acquired by BT), Technical Advisory Board

Counterpane was purchased by BT in 2006.

Authentica (acquired by EMC), Technical Advisory Board

Authentica was purchased by EMC in 2006.

Indigo Security (acquired by Tablus), Technical Advisory Board

Indigo Security was purchased by Tablus in 2004.

Academic Boards

School of Informatics, Indiana University, Dean’s Advisory Council

Department of Computer Science, University of California, Davis, Industrial Affiliates Board of Advisors

Department of Computer Science, University of Virginia, CLAS BA Computer Science Committee

IEEE Computer Society, Board of Governors
