Open in app

Sign in

Write

Sign in

Beginning

Laura Bell
SafeStack
Published in
4 min readSep 2, 2015

In July 2015 I did something relatively unusual. I stood infront of 1600 people at the BlackHat conference in Las Vegas and told them about AVA.

AVA is a research project I have been working on for over a year. An experiment to see if we could change the way we assess the risk of our people (in an information security context) in a measureable and repeatable way. I wanted to put people at the centre of our security efforts and build our organisations as resilient, connected groups of people.

The talk itself was not unusual. The strangeness of it was that I stood in this room and spoke for an hour about a tool that is not yet finished, that needs more time, that needs some help.

But the talk wasn’t about the tool really, it was about my vision and about what AVA represented to an industry that has been struggling for a long time to protect and educate its people.

It was featured in a range of magazines and online publications including MIT Tech Review, Wired and Popular Science. More importantly though, it inspired companies and individuals to reach out. People wanted to get involved, to understand and to use our solution….

Slightly problematic given that AVA wasn’t really designed for this scale … and as I had said to a packed room — it wasn’t ready yet.

After the storm

What followed was a storm of activity. Emails and tweets, questions and comments. People around the world wanted to protected their people and they started to come to us. Dozens of requests flooded in and were followed by video chats and calls. We listened to stories. We learned about a world in which large organisations worry about their people but feel powerless to protect them.

Unexpected validation

So a decision was needed.

  • Could AVA become something viable in a commercial sense?
  • Could we turn our research product into real product?
  • Could we see where this crazy adventure is taking us and the industry?
  • Could we do this in a way that respects privacy, ethics and keeps people safe?

We have decided that answer to these is ‘Yes’ or perhaps more honestly ‘I really hope so and I’m willing to put the work in to find out’.

So I think that means we have a startup product now, with all the baggage that label entails.

We have a vision and a business plan, a name that will be public soon and we are fleshing out requirements to get an AVA backed service/product dressed up and out to market for early 2016….

Warning! Hard stuff ahead

We have a long way to go. The way ahead is scary and has more questions than I have answers right now. But this is what the journey is about (or so I am told).

We need to raise funds.

Not a lot of money in the grand scheme of things but probably around $250k which to me right now is a significant chunk of change. We need help with this.

We need to raise this for a company that is based in New Zealand, has a solo female founder, focuses on privacy, ethics and openness and is in an industry considered to be a little on the scary side (security) . My research so far tells me that we are not the typical profile in this space.

This money will support engineering and deployment with a focus on having a safe and secure beta in early 2016.

We need to engineer great things.

Building a security tool when you are a security company is like posting a big kick me on your back and hoping nobody notices. But we are going to give it a shot. (If nothing else its a great reason to dogfood my own advice on how to build secure applications).

We need talented developers who have a keen eye for secure code, a rare commodity indeed.

We need to work with some of the biggest companies on the planet.

These are companies like Microsoft, Twitter, Facebook and Google. We need to integrate into the places where people connect, communicate and trust.

We need to find safe ways to partner with these giant firms in a way that they probably never anticipating partnering (based on their published partnering information anyway).

We need good contacts in these places with open minds and a sense of adventure.

98 3/4 percent guarranteed…

We are going to protect people.

We are going to do it around the world and we are going to do it continuously and with education at it’s heart.

I don’t know if we will succeed but I hope I can share the journey both good and bad.

I hope you’ll come along for the ride.

Startup
Entrepreneurship
Security

--

--

Laura Bell
SafeStack

Written by Laura Bell

1.1K Followers
Editor for

CEO of SafeStack.io, application security wrangler, repeat dreamer, some-time builder, python juggler and mom.

Help

Status

About

Careers

Press

Blog

Privacy

Terms

Text to speech

Teams