Software and web application security

December 30, 2006

Running a security consulting business

Filed under: general — chrisweber @ 2:20 pm

Casaba Security has been in business now for five years. We’ve applied a formula aimed at quality rather than quantity, and loyalty and availability to our clients. Operationally, we grow slow and steady,  we just focus on what we know which is doing good work.

I don’t have much advice for anyone who wants to own a software security consulting firm. I see a lot of people doing it, and some success stories. The basic recipe for a growth-focused success is:

  • find some funding
  • hire top talent
  • blog, publish, speak, do anything to get in the public spotlight
  • hire juniors, train them
  • build the consulting practice by getting more work
  • refine methodologies, build some cool tools and release or sell them
  • keep the momentum and if your executive team is good they’ll be making deals

While I don’t subscribe to some of those ingredients, I can see their value. You can see some of the same people out there applying this formula again and again, flipping companies, repeat.

I’m on a different path though, one which has kept me learning and developing over the years, and staying focused on what really matters – great work for our clients.


Leave a Comment »

No comments yet.

RSS feed for comments on this post. TrackBack URI

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s

Create a free website or blog at

%d bloggers like this: