About
- FILE: About / Principal
- PRINCIPAL: Kevin Stallard
- CREDENTIALS: CISSP · CISM · Founder · Co-inventor on US Patent
- IN THE FIELD SINCE: 1988
- STATUS: Available for engagement
BIOGRAPHY:
"My name's Kevin Stallard, Founder of Threat Tape. I built the first student-run webserver at Georgia Tech back when the web was still a research network, when if you had questions, you emailed Tim Berners-Lee or Marc Andreessen directly. I left school early to take a job at AirTouch Cellular (now Verizon Wireless), where I built the company's first intranet site, including a radio cell tower database app for engineers in the field. Years later, when I went back to Kennesaw State to finish my degree, I parlayed that same application into my senior project. Once I graduated, I took a job at Internet Security Systems (now IBM), working on one of the first intrusion detection systems in the market and running threat-signature delivery inside the X-Force research team. I didn't plan that sequence. I took advantage of it. The work taught itself, in production, before there was anyone around to teach it. Half the practices we now call security best practices are things I watched get figured out the first time. Sometimes by me. That's the warmup.
Things got more interesting after that. Now I was playing for much higher stakes. I started at EarthLink, writing anti-spam tooling that helped prosecutors take down two of the most notorious spammers of that era: Howard 'The Buffalo Spammer' Carmack and Sanford 'The Spam King' Wallace. Then I moved on to the CDC, where I took care of cryptographic equipment for field teams while Ebola had the world's attention, and secured systems that, if compromised, would have resulted in the deaths of hundreds of innocent people in far-off parts of the world. Subsequently, I spent a few years as AVP at U.S. Bank, where I built Elavon's Threat Hunting organization from scratch, including writing what literally became the book on how Threat Hunting should work at a $700B financial institution. Finally, I directed the security architecture through Microsoft's acquisition of Activision Blizzard, the biggest deal the games industry has ever seen, including the hard calls about what code and data could and couldn't cross into China. I ran launch-day security for Call of Duty, World of Warcraft, and Diablo 4, the days the whole internet shows up at once to try to break in. I've taken the expert-witness call under seal.
When you have something that seems impossible, or you need to hear the truth and find a way out of the mess you're in, that's when you call me."
PRACTICE:
"What I sell isn't a methodology. It's pattern recognition you can only build by being wrong under pressure and surviving it. I learned mine in a few specific rooms. The OCC examiners across the table from a $700B bank's security program. The working group that drew the lines on what could and couldn't cross into China during a $69B acquisition, I was the architect's boss in that room. The FBI's analysts on a connection-data problem that shouldn't have left American servers but did. Those rooms don't hand you a checklist. They hand you a problem with consequences attached, and you find out fast whether what you thought you knew survives contact with the actual thing. A lot of the job is telling a CEO the thing his last vendor sold him isn't security. It's compliance theater with a bigger invoice. It's the dashboard-vendor industrial complex. It's a checkbox he can show his board that has nothing to do with whether someone's already inside his network. Most CEOs don't want to hear that. The ones who do are the ones I work with."
PERSON:
"Outside the file, I ran Dragon Con's Video Gaming Track for seventeen years. I still go back as a featured speaker, so yes, you can come see me talk. I spoil my dog and my kids rotten. Some of my best friends are people I met through video games over the last thirty years. Blizzard once made me an NPC bartender in World of Warcraft because a developer liked one of my drinks. That's about as close to immortality as a security guy gets. I co-own a fan convention called Nerdi Gras. I write the things a corporate seat won't let you say in the meeting. Some of what's in the Mad Scientist Lab on this site started at two in the morning because it sounded fun. The rest of it started because I needed it and nobody else had built it yet. Both are legitimate reasons to build something."
RAP SHEET:
At Georgia Tech, standing up the first student-run web server in 1994, when the web was still largely a research network.
At AirTouch Cellular, now Verizon Wireless, building the company's first intranet and a Perl app pulling live cell-radio data straight from the field switches.
At Internet Systems of Atlanta, running one of the first internet service providers open to the Atlanta public, back when "online" still meant CompuServe and AOL mailed out floppies.
At Internet Security Systems, now IBM, running QA, automation, and rapid threat-signature delivery for RealSecure inside the X-Force research team.
At EarthLink, Senior Abuse Engineer, writing the company's spam feedback loop years before the industry made the idea standard, and building the detection tooling that fed EarthLink's cases against the "Buffalo Spammer" and the "Spam King," two of the most notorious spammers of the era.
At Northrop Grumman, owning identity and access for the CDC's Secure Data Network and running dynamic security testing against every application before it went live, the backbone behind BioSense and the national case trackers for HIV, SARS, and pandemic flu.
Under contract to the CDC's Center for Global Health, running incident response and managing encryption across 75+ countries through the Ebola crisis.
For a corporate fleet-management firm, turning 65,000+ exposed vulnerabilities into a remediation plan that drove them under 100 in a month.
At U.S. Bank, chairing the board governing 1,500+ applications and standing up its threat intelligence program across 12 global locations.
At U.S. Bank, protecting $4B in card transactions in a single afternoon at Churchill Downs.
At Activision Blizzard, owning security architecture for all 35 studios and 100,000+ endpoints through the company's $69B acquisition by Microsoft, the biggest deal the games industry has ever seen.
At Activision Blizzard, directing the security architecture behind Blizzard's exit from the Chinese market and its 2024 return, where the hard calls, like source code never leaving for China, landed on my desk, which meant getting intimately familiar with PIPL.
Co-inventor on U.S. Patent 8,152,059 B2.
Threat Tape on Substack -- the long-form home for what doesn't fit in 200 words on LinkedIn. Operator notes from the security side of the room.