No Funding. Two People. Here's Where We Kick Ass — and the Receipt for Every Claim.

  • Writer: Patrick Duggan


We took no venture capital. No Series A, no seed, no bridge. Two people run this on a budget you could mistake for a rounding error. We say that first because most companies say it last, apologetically, as a weakness to be fixed. It is not a weakness. It is the entire point. What follows is a list of the places we out-execute the funded field — and because a claim without a receipt is just noise, every one of them comes with something you can check yourself.




We call breaches before they are disclosed



This is the one that matters, and it is the hardest to fake, because the timestamps are public and permanent.


Six weeks before ShinyHunters disclosed that nine million records had been stolen from Medtronic, we had already published the complete attack-surface matrix for the medical-device sector — naming the exposed targets, counting the pre-staged indicators, showing the phishing infrastructure already in place. That post has a date on it. The disclosure came later. You can hold the two next to each other.


Then Nissan. When the data walked out through a PeopleSoft vendor, we had the command-and-control infrastructure in our index twenty-eight days before the incident surfaced publicly. We even corrected our own earlier read on it in the open, because getting it precisely right matters more than looking clean.


That is not forecasting. A forecast is a guess with confidence attached. This is a receipt — a dated, public record of us describing the thing before the world knew it happened. Two of them, standing up to scrutiny.


We publish what the big feeds do not have



Anyone can resell the same indicators everyone else already has. The free feeds are full of that. The question is how much of what we ship is genuinely ours — and we measure it, in the open, every week.


Of the indicators we source independently — our supply-chain hunts across public code, our honeypot sensor hits, our curated research imports, our bulletproof-hosting map, our malicious-package catalog — one hundred percent are not carried by ThreatFox, the most common free feed people compare us against. Not most. All of them, in those categories. That number is computed live and served at a public endpoint; it is not a slide, it is a query you can run.


Most of what we publish, the feeds you already have simply do not carry. That is the difference between a mirror and a source.


When we flag an exploited vulnerability, we have beaten CISA to it



CISA's Known Exploited Vulnerabilities catalog is the government's authoritative list of what attackers are actually using. When we and CISA both land on the same vulnerability, we tend to get there first — a median of roughly twelve days ahead, tracked live. We will be honest: we do not lead on every single entry, and we publish that honesty too. But when we lead, the gap is measured in days, not hours, and those are the days a defender uses to close the door before the boot hits it.


We run at national-CERT scale on a hobby budget



More than a million indicators. Over two hundred and seventy-five organizations pulling our feed across forty-six countries — including a United States military branch and allied critical-infrastructure operators. Nearly eighteen million documents indexed and searchable. A live production platform processing real threats in real time.


On roughly six thousand dollars a year. Two people. One MN Cup judge, looking at the same numbers, wrote that this is "a level of demonstrated capability that most early stage security companies spend years and millions of dollars trying to establish." We are not going to argue with them.


We carry compliance most funded startups never reach



SOC 2 Type 2, sitting at eighty-one percent and climbing on a budget of about seventy-five dollars a month. DORA Elite tier, verified. FDA 510(k) readiness at ninety-five percent. Thirty-four patent filings. Nearly three thousand individual pieces of compliance evidence, filed and organized. This is the unglamorous scaffolding that lets a serious buyer say yes — and most companies our size have none of it, funded or not.


Why no funding is the flex, not the excuse



The obvious question — the one the judges asked — is how a two-person shop competes with a CrowdStrike or a Microsoft if they decide to come downmarket. The answer is that we do not try to out-spend them. We engineer the cost of producing a detection below the cost of the attack it defeats, and we did it without a single dollar of outside money. A company that needs a war chest to make the math work has a fragility we do not. The lean team is not the thing holding us back that funding would fix. The lean team, forced to be relentlessly efficient, is the thing that produced everything above.


We will cap this the way we cap everything: at ninety-five percent. Something here is wrong somewhere — it always is, and we would rather tell you that than pretend otherwise. But the receipts are real, they are dated, and most of them you can check without taking our word for anything.


No funding. Two people. Come read the timestamps.





Her name was Renee Nicole Good.


His name was Alex Jeffery Pretti.
