Trey gets LOST

September 20, 2010

Okay, so I’ve been quiet on the blog-thing for a while.  More on that later.  I’m tired, sore from long days of riding …

Here are a handful ‘o photos for those interested.

Bill with two BMW R 1200 GS bikes in Monument Valley

Hanging my Helmet

Bill and I in Monument Valley

Pics taken while riding

Off into the Sunset

Trey Ford leaves WhiteHat Security

October 20, 2009

So, I’ve got news to share on the professional front: Yesterday was my last day at WhiteHat Security .  I’ve kept this transition pretty quiet, but figured I should include a brief post about it here.

I’m leaving the premier SaaS player in the Web Application Security game.  <shamless_plug> For those who don’t know what we’ve been building over at WhiteHat Security, take a look.  The Sentinel Platform is IMHO *THE* most flexible way measure website/application security risk to date.  Seriously, whether the website is big or small, valued or worthless; whether the business understands website security or not – WhiteHat has a service level to help. </shameless_plug>

If you know anything about WhiteHat you may think me crazy for leaving.  The best I can explain is my heart is in product management.  I may have been able to do that in a couple of years for WhiteHat, a little bit, maybe… but I was rocking a position that my heart just was not in.

I like how Steve Johnson puts it: “You need product management if you want low-risk, repeatable, market-driven products and services.  It is vastly easier to identify market problems and solve them with technology than it is to find buyers for your existing technology.”  WhiteHat has this nailed – they are directly in front of what the market needs for website security. It was Kevin Overcash at WhiteHat who first introduced me to the process of Product Management a few years ago.  I knew instantly that it was what I yearned to do.

Don’t get me wrong, I am absolutely proud to have been a member of the team and family at WhiteHat.  Proud of the work we have done, relationships we have forged, and milestones we have smashed!  The decision to leave was not easily made.

So we get back to the question of “Why are you leaving?” …and there are a couple of reasons:

In this new role, I will no longer be a sales resource.  My primary role at WhiteHat was that of a Sales Engineer, and my heart just wasn’t in it.

My heart is in Product Management, it is time to execute on that.

“What is that?”

“Product management is a well-understood role in virtually every industry except technology… The role of product management spans many activities from strategic to tactical – some very technical, others less so. The strategic role of product management is to be messenger of the market, delivering information to the departments that need market facts to make decisions.” (for more on this, check out the team at Pragmatic Marketing)

I have an opportunity to do this full time, and it is the right move.

“Why not do this for WhiteHat?”

We had it covered.  We had it covered in spades.

In a small company, if you have a diverse skillset, you help everywhere you are needed.  This solves tactical needs (is good for the team), and diversifies your experience base (is good for you).  Depending on the needs of your organization, your desire for strategic growth may be trumped by tactical needs (this is kinda what the sales organization is all about…)

I had kinda become the little dutch boy – I was completely tied up solving tactical problems, the strategic stuff I yearned to do was inaccessible.  There was no near-term opportunity for a move to product management inside WhiteHat.

“Where are you going?”

Keeping that under wraps for the moment.  I still have a LOT to wrap my head around with becoming a full time PM.  I am not leaving security, and I am not moving.

There are a couple of you who know, and I am going to ask you to keep it to yourself at this time.

Closing Thoughts

I am proud, and I am thankful.  I wish my team and associates back and WhiteHat the very best.  I am thankful to the partners, their friendship and generosity (sorry guys, you to too many to be named).  I appreciate all the coaching and banter and late nights with Jeremiah Grossman, working on presentations, discussing industry level problems, and his incessant need to tap EVERYONE out.

So Thank-You WhiteHat.  So many bright individuals, and up and coming talent, and wonderful friends- I am going to enjoy watching you grow.  Thanks for everything!

Off to go study for my private ticket!

My Big Green Egg

August 13, 2009

My Big Green EggSo I bought this crazy space-ship smoker thing called a Big Green Egg from Eggs by the Bay in Santa Clara, CA.  (this is what happens after hanging out with Garret Blythe and Arian Evans … I am left coveting this contraption)

Think Weber, or maybe the Weber Bullet , but bigger and smarter.  Think nonconductive and insulating, don’t build it from metal (so you can spread, conduct, and waste your heat) but something more like space shuttle ceramics.  Smoking is all about temperature stability!  Holding a temperature for HOURS (not like two hours, but capable of doing this for something more like thirty!)

Elemental Fire Discussion:

  • Fuel – feed the BGE only all-natural charcoal (no nasty chemicals), apply
  • Heat – get a stable fire started, manage this with a flow of
  • Oxygen – controlled exclusively by the bottom vent.  This grants you precise
  • Temperature – the furious union of the above elements.

Remaining Variables and Strategy:

  • Heat Placement
    I place a baking stone right above the heat source, forcing the hot air to convect, and not scorch the bottom of your meat.
  • Moisture Management
    Heating the meat is going to dry it, so you need to lock in and resupply moisture if possible. I place a casarole dish full of water or infused water on the baking stone, right below the grill surface.

Now you’re smoking, and need MORE precision.  Just like website security, people do all this work and preparation, but if they are not measuring the live experience, part of the picture is missing. (well, that and instead of hitting the WSJ, your 10 best friends get to order Chinese food)  Anyway, back to food geeking…

Precision Measurement:

  • Pit TemperatureIt is imperative to know EXACTLY what the temperature is where the meat is cooking.  This is a good thing.  Better than measuring somewhere else, like maybe up at the top of the grill lid.  It would be better measurement could be obtained by NOT opening the lid and losing temperature.Remember: smoking is about temperature stability- for a long, LONG time.

  • Meat Temperature
    Cooking very low and very slow, it should take a lot of time for the meat to climb up to the target temperature.  This allows for killing evil little micro-organisms, emulsifying fat, and thermal destruction of connective tissues.  (read: moist tender meat falling off the bone)

Auditors like data points.  I am no different.  So I invested in a Stoker I will geek out on this in just a minute.

The Strategy (broken down):

The ideal temperature for very slow cooking pork ribs is 185 F.  This allows a slow asymptotic arrival at a safe pork temperature of 170 while the meat absorbs HUGE volumes of smoke.  I have a diffuser plate (actually, a foil wrapped baking stone) right above the coals to make the heat convective rather than direct, and keep a pan of mesquite infused water adding moisture to the meat along the way.  (the infusion is a result of three days of soaking the mesquite blocks which are interspersed in the all-natural hickory charcoal)

So, as I continue studying, experimenting, and taking notes on this evolution- the tighter the control can be, the more focus can be placed on preparation and presentation.

Last night, we cooked about 15 lbs of pork ribs from Bianchini’s.  (these ribs were cut country style- they were THICK)  Preparation was varied in three ways:

The ribs were dry rubbed with one of the following:

So now it is all over but the smokin!! Just for fun, here is a graphical outlay of last night’s experiment…

Seriously Geeked out BBQ
Seriously Geeked out BBQ

…so Stoker Log (I found the link on the Virtual Weber Bullet site, you can download their software )  only runs on Windows (today…), so I keep the stoker on my *untrusted* network segment with my *untrusted* XP box.  (obviously, this kind of software is going to be rigorously security tested)  This makes it harder for Mike Bailey to deliver his BBQ-hating attack payloads to my Stoker (never mind that the Apple goodness lives on the *trusted* network, provided he can slip past no-script plugins…)

This only goes to show you that no matter what your use case is, no matter what your software is… if you aren’t testing your software, SOMEBODY else will be!

Anyway, that’s all I have time for today.  Enjoy, and smoke on!