Cypress Data Defense was founded in 2013 and is headquartered in Denver, Colorado with offices across the United States. Our goal is to help organizations secure their IT development and operations using a pragmatic, risk-based approach. The diverse background of our founders allows us to apply security controls to governance, networks, and applications across the enterprise.
At Cypress Data Defense, we pride ourselves on our pragmatic and risk-based approach to security. We seek to assist our clients with “right-sizing” their security programs to the risks their organization faces and the risks they are willing to accept. We embrace a risk-based approach to our engagements with clients. Rather than propose large complex projects with expensive tooling, we do a staged approach where different steps, methods, and tools are proven, without exposing our clients to potentially costly missteps. We also recognize that organizations can only successfully implement limited changes at any one time. This is why we encourage our clients to ``level-up`` their security. Making gradual changes that our clients can truly incorporate into their daily practices allow them to gradually develop into a more secure organization. It's this approach that allows our clients to succeed with their security efforts. This core philosophy helps us achieve our main objective, to be your trusted security advisor.
Aaron is a Principal Security Consultant at Cypress Data Defense and an instructor and contributing author for the SANS SEC588: Cloud Penetration Testing, SEC542: Web App Penetration Testing and Ethical Hacking, SEC474: Building A Healthcare Security & Compliance Program, and DEV544: Secure Coding in .NET courses.