38 Years Breaking Things So You Don't Have To.
Security consulting & product engineering by Kevin Stallard.
ThreatTape is the security consulting and product practice of a 38-year veteran of IBM/ISS, Northrop Grumman/CDC, U.S. Bank, and Microsoft/Activision. We don't just advise — we build production security tools. Then we use that experience to secure yours.
What We've Shipped
Production security tools built from real-world experience
EDD-i
Enterprise cybersecurity compliance platform. Real-time scoring across CIS Controls v8, NIST, HIPAA, and GDPR with AI-powered risk analysis and automated remediation.
- Multi-framework compliance scoring
- AI-driven risk analysis (FAIR model)
- Integrated vulnerability scanning (EDGAR module)
- Cyber governance scoring (CGAP module)
Ostraq
Election security platform. Cryptographic ballot verification with Shamir threshold keys, Merkle chain audit trails, and post-quantum encryption. NIST 800-53 High baseline.
- Shamir secret sharing key management
- Merkle chain audit trail
- Post-quantum encryption (ML-KEM-1024)
- Containerized appliance deployment
SourceIQ
Content provenance and threat intelligence engine. Paste any social media URL — get a full intelligence report on where it came from, who spread it, and whether it's true.
- 5 parallel analysis engines
- Composite trust scoring (0-100)
- Campaign fingerprinting with STIX export
- Free for individuals, always
ThreatTape Recon
Automated reconnaissance and OSINT platform for penetration testers. Domain enumeration, CVE mapping, executive profiling, and TOR-anonymous scanning in one containerized tool.
- Automated domain and subdomain enumeration
- CVE mapping and vulnerability correlation
- Executive and organizational profiling
- Compliance-ready PDF reporting
How We Can Help
Decades of experience distilled into services that actually move the needle
Security Architecture
Zero trust, cloud security, network segmentation. Built on decades of what actually holds up.
Penetration Testing
Real-world attack simulations. Findings with context, not vulnerability dumps.
Compliance & Regulatory
FedRAMP, CMMC, SOC 2, HIPAA, PCI-DSS, ISO 27001, NIST CSF, CIS Controls.
Incident Response
24/7 emergency response. Forensics, containment, recovery. Been there before.
Virtual CISO
Senior security leadership without the salary. Shows up in the server room, not just the boardroom.
Executive Advisory
Translate technical risk into board-level decisions. M&A due diligence. Expert witness.
Bring Your Hardest Problem.
First conversation is free. No pitch deck. No sales team. Just an experienced CISO who will tell you what's actually broken and help you fix it.