The Defenders Initiative

Hi, I’m Adrian - the founder and principal researcher at The Defenders Initiative. I founded this firm initially so that I’d have a DBA to operate under as I tested out going solo and replacing the day job with contract work from various clients.

That was the short-term reason why The Defenders Initiative exists. The long-term goal was to create an outlet for my thoughts and the research I’ve been working on for over a decade.

What you can expect from this Substack:

• Deep, detailed breach analysis

• Analysis of cybersecurity market trends

• Analysis of enterprise security trends

• Thoughts and research on vulnerability discovery, disclosure, and management

Why Subscribe?

The flagship focus of this Substack will be our breach analysis.

Finding the details of how a breach happens is a time-consuming endeavor. Sometimes a federal investigation releases a report 18 months after the breach. Sometimes the open source maintainer shares how he got hacked in the comments on a GitHub issue. Sometimes Canadian privacy commissioners investigate a breach and release the results.

The results of our analysis seem too important to put behind a paywall, but if I can monetize the process enough to pay for interns, I can accelerate the process of publishing these write-ups. After discussing this dilemma with dozens of folks, I came up with a compromise: breach analyses go behind the paywall for 6 months and then become free forever.

This seems like a reasonable compromise to me - after all, nothing we’re publishing contains time-sensitive information. Breach details often take months or years to get released to the public and I’m determined to make these reports high enough quality to make the $10 per month subscription worth it.

Why study breaches?

I believe strongly that enterprise security strategy should be guided, in part, by lessons from failures. Most of the time, breach details are kept secret by corporate lawyers, but not always. Sometimes, details escape into the public sphere. That’s when we scoop them up, analyze them, and share the lessons security teams everywhere should be learning from them.

I believe that breach transparency will inevitably become the norm, whether through practice, or more likely, through regulation - as this is the norm in every other industry concerned with safety and improvement.

Who is The Defenders Initiative

For the first two years, it was just me, but as I started year three, I decided the business was stable enough to start an internship program! I hired our first intern, Vladimir Serov, in February 2026 to help me analyze and publish the breach details I’ve been compiling for over a decade.

About Adrian

Adrian is the Founder and Principal Researcher at The Defenders Initiative, a firm he founded to feature and support decades of cybersecurity research. His background spans technical, GRC, and leadership roles with a background as a practitioner, incident responder, penetration tester, and PCI QSA.

His current research focuses on improving vulnerability management and breach analysis. The Defenders Initiative is systematically publishing easy-to-consume lessons learned from every breach where we have a deep understanding of how the attack happened. He also maintains “Destroyed by Breach” - a list of all companies that have gone out of business due to a cybersecurity breach or incident. There are currently 26 businesses on the list.

He is the host of the Enterprise Security Weekly Podcast and the Alice in Supply Chains Podcast. As faculty at IANS Research, he advises hundreds of enterprises every year. After helping to deliver 11 successful events, he retired from BSides Knoxville in 2025 but remains a member of the Global BSides committee. He is also a member of several other community groups like the Security Tinkerers and the Cybersecurity Canon.

After 25+ years in the industry, he still sees the glass as half full.