For John Stigerwalt, cybersecurity has never been just another career—it has always been a personal mission. His fascination with technology started at an early stage, but what made him stand out was his constant curiosity about how systems could be broken and defended. Unlike many who specialize in one narrow area, John deliberately chose a path that allowed him to explore technology from multiple angles.
Over the years, he worked as a developer, blue team lead, and penetration tester. Each of these roles gave him a different lens to view the industry through. As a developer, he understood how applications are built, where logic errors occur, and how attackers might exploit weak coding practices. As a blue team lead, he learned the defensive side—how organizations try to protect themselves, the challenges of limited resources, and the tough trade-offs decision-makers often face. As a penetration tester, he combined this knowledge with creativity and offensive techniques to demonstrate just how real the threats could be.
This diversity of experience gave John a rare balance: the technical depth to understand complex systems and the strategic perspective to see how organizations make critical security decisions. It was precisely this combination that pushed him to take the next step—building a company that could bridge these worlds.
“Founding White Knight Labs enabled me to transform my passion for cybersecurity into a mission-driven enterprise, bringing together a team of experts committed to safeguarding businesses and enhancing digital security.” – John Stigerwalt
White Knight Labs
White Knight Labs (WKL) wasn’t founded as a business idea—it was born from a vision. John and his co-founder Greg had long imagined the type of cybersecurity company they wanted to work for but never found. They both wanted a firm that prioritized excellence over size, quality over quantity, and true offensive expertise over superficial testing.
WKL was designed to be small, sharp, and elite—bringing together some of the best offensive security engineers from around the world. Instead of focusing on generic solutions, the firm set out to replicate the most advanced tactics used by real-world attackers. The goal was not simply to generate reports but to give organizations an authentic glimpse of how sophisticated adversaries operate.
Today, White Knight Labs has become a name synonymous with precision and trust. Clients turn to WKL when they want to know the truth about their vulnerabilities—not a watered-down version. By exposing weaknesses before malicious actors can exploit them, John and his team have positioned themselves as invaluable partners in a world where digital threats evolve daily.
“My dedication, combined with a passion for protecting businesses, led me to establish White Knight Labs and drive its success.” – John Stigerwalt
Strengthening Global Security with Microsoft
Even before WKL became widely recognized, John had already made a mark on global security through his collaboration with Microsoft. He worked directly with their team on Windows 10 kernel security, an area critical to protecting millions of users worldwide.
Windows, as the most popular operating system, has always been a prime target for attackers. By contributing to strengthening its kernel, John wasn’t just protecting one company—he was helping secure the backbone of the digital ecosystem. His work reduced vulnerabilities, improved resilience, and reinforced the importance of proactive measures at the very heart of modern computing.
This collaboration didn’t just expand John’s technical portfolio; it gave him a broader mission. It showed him that the decisions cybersecurity professionals make can impact millions, and that protecting digital systems is, in many ways, protecting society itself.
A Tailored Approach to Cybersecurity
One of the biggest differentiators of White Knight Labs is its strong belief that cybersecurity cannot be approached with a “one-size-fits-all” mindset. Every organization is unique—its infrastructure, compliance requirements, and critical assets all differ. John has always emphasized the need to listen first and act later.
Before every engagement, the WKL team spends time understanding the client’s environment: What systems are business-critical? What compliance standards must they adhere to? Where do they suspect they may be most vulnerable? This groundwork allows WKL to design customized penetration tests that are not only technically thorough but also strategically aligned with the client’s most pressing concerns.
“At White Knight Labs, we embrace this dynamic environment. We constantly develop new strategies to address the ever-changing challenges faced by our clients.” – John Stigerwalt
This personalized model ensures that clients do not just receive a technical report, but actionable insights that reflect their reality. For John, the purpose of cybersecurity testing is not to check a compliance box—it’s to genuinely strengthen defenses against real-world threats.
The 20/80 Testing Model
In an age where many security firms rely heavily on automated tools, John advocates a different philosophy. White Knight Labs follows the 20/80 model—20% automation and 80% manual testing. The reasoning is clear: automation can quickly scan broad systems and flag common issues, but it is incapable of catching the nuanced vulnerabilities that skilled adversaries exploit.
By making manual testing the centerpiece of their approach, WKL ensures that every engagement reflects the creativity, expertise, and instincts of seasoned penetration testers. Their engineers leverage automation only to establish scope and coverage, then dive deep with hands-on techniques to uncover weaknesses that tools miss entirely.
“We adhere to a 20/80 testing standard, where 20% of the process is automated and 80% is manual, guaranteeing comprehensive coverage. Our engineers also utilize a bespoke internal playbook, crafted from years of hands-on testing experience.” – John Stigerwalt
The result is a testing process that mirrors the sophistication of real attackers and delivers clients a far more accurate picture of their risks.
Real-Time Insights for High-Profile Clients
Transparency is another cornerstone of WKL’s operations. In many traditional security engagements, clients receive updates only after testing concludes. John changed that model by integrating real-time communication into red team operations.
Before each project, the team and client agree on secure communication channels, often encrypted group messaging systems. This allows all key stakeholders to receive live updates during the engagement, ensuring they are never left in the dark about progress or findings.
This approach reflects John’s philosophy that red teaming is not adversarial to the client—it is a collaboration. By maintaining open communication, clients gain both peace of mind and a deeper understanding of the threats being simulated.
A Culture Inspired by Special Operations
White Knight Labs’ internal culture is unlike most cybersecurity firms. Drawing inspiration from the United States Army Special Operations, John designed WKL as a “team of teams.” This means that while each engineer is highly capable on their own, the collective strength of collaboration multiplies their impact.
Every member of the team is carefully selected—not just for their technical expertise, but for their dedication to the craft and their contribution to advancing the field. WKL hires only senior and principal-level engineers, ensuring that every project is handled by professionals with years of proven experience.
“We bring our engineers together and encourage them to share what they know to grow each other’s skillsets.” – John Stigerwalt
Within this environment, knowledge flows freely. Engineers constantly learn from one another, sharpen their skills, and push each other to stay ahead of evolving threats. It’s a culture built not only on excellence but also on trust, camaraderie, and respect for the craft.
Leading with Integrity, Drive, and Curiosity
When asked what values define a strong cybersecurity leader, John does not point to technical mastery first—he points to personal values. For him, three qualities stand above all others: drive, curiosity, and integrity.
Drive keeps leaders pushing forward, even when challenges seem overwhelming. Curiosity sparks innovation, enabling professionals to question assumptions, explore unknowns, and uncover hidden vulnerabilities. And above all, integrity builds trust. In an industry where professionals are often granted access to the most sensitive systems and data, integrity is not optional—it is everything.
John has embedded these values into the DNA of White Knight Labs. They are not just principles for leadership—they are expectations for every member of the team.
Defining Red Team Operations
Every cybersecurity company has moments that test its philosophy and skillset, and for White Knight Labs, one such defining engagement came during a red team operation in Houston, Texas. The mission was clear: infiltrate a secure building, bypass physical and digital defenses, and place dropboxes that would allow remote network access.
The task was anything but simple. Initial door security was strong, forcing John and his team to improvise with an under-the-door tool after first removing weather protection using power tools—a process that took nearly twenty minutes. Once inside, alarms went off, but the response time was surprisingly slow.
Sensing an opportunity, the WKL team adapted.
“We knew that setting off an alarm a second time without any noticeable sign of forced entry would result in the police marking it as a false alarm, which gave us the chance to move deeper into the environment.” – John Stigerwalt
Their instincts proved right. By carefully timing their moves, they gained access to more secure areas, placed multiple dropboxes, and eventually established a strong foothold in the client’s network. What began as a physical infiltration turned into a full-scale security assessment that exposed blind spots and helped the client understand both their strengths and weaknesses.
For the client, the engagement was a wake-up call. For WKL, it was a validation of their philosophy: to replicate the tactics of real attackers so that organizations can see the truth before it’s too late.
Remote-First by Design
When the pandemic forced organizations worldwide into remote work, many struggled to adapt. White Knight Labs, however, was already built for it. From day one, John made WKL a remote-first company. His reasoning was simple: cybercrime is global, so the defenders must be too.
“The cybersecurity landscape is not defined by location, so why should we restrict ourselves?” – John Stigerwalt
This philosophy allowed WKL to tap into elite talent across continents. Instead of limiting recruitment to one region, John opened the doors to specialists worldwide, creating a diverse team that mirrors the very nature of the threats they combat. By removing borders, WKL not only found the best minds in offensive security but also fostered a culture of inclusivity and collaboration that transcends geography.
Training the Next Generation of Experts
John is not only committed to protecting organizations today—he is equally passionate about preparing professionals for tomorrow. Under his leadership, White Knight Labs has been developing specialized training programs designed to equip penetration testers with advanced skills.
He is particularly excited about upcoming courses on red teaming against Google Cloud Platform (GCP) and Active Directory environments. Both areas are integral to modern enterprises, and attackers are increasingly targeting them. These training modules are designed to take experienced testers and elevate their capabilities, enabling them to perform more advanced and realistic engagements.
By investing in training, WKL extends its impact beyond client work, shaping the next generation of offensive security professionals who will lead the industry in years to come.
Balancing Innovation with Resilience
In a high-pressure industry like cybersecurity, leaders often risk burnout if they do not manage themselves carefully. John emphasizes the importance of balance—staying disciplined, maintaining a structured schedule, and leaving room to adapt to unexpected challenges.
“It’s important to know when to step away.” – John Stigerwalt
For him, resilience is as important as innovation. A calm, focused leader is better equipped to guide a team through complex operations and high-stakes engagements. His leadership style blends discipline with flexibility, ensuring WKL remains sharp, innovative, and adaptable.
AI: A Powerful Tool, A Careful Approach
Artificial Intelligence is reshaping industries, and cybersecurity is no exception. John acknowledges AI’s immense potential as a force multiplier for skilled penetration testers, but he approaches it with cautious optimism.
AI can quickly analyze patterns, highlight anomalies, and accelerate processes—but it is not without flaws. John stresses the importance of securing AI systems themselves, enforcing strict rules on data input, and continuously testing for vulnerabilities or misconfigurations.
At White Knight Labs, AI is not seen as a replacement for human ingenuity. Instead, it is treated as a powerful tool—useful only when paired with the expertise, judgment, and creativity of seasoned professionals.
Guiding the Next Generation of Cybersecurity Leaders
For John, one of the most rewarding aspects of leadership is guiding aspiring cybersecurity professionals. He often reminds them that success in this field doesn’t come from shortcuts—it comes from mastering the fundamentals and then building specialized expertise on top. His advice is straightforward yet powerful:
Start by understanding information technology and software development at a foundational level. Learn how systems are built, where flaws can appear, and how those flaws can be fixed. Once that base is solid, explore areas of specialization. Whether it’s penetration testing, cloud security, or red teaming, specialists will always be in higher demand.
“As cybersecurity is an ever-changing field, only those who are dedicated to innovation and excellence will drive the future of this industry.” – John Stigerwalt
John emphasizes that curiosity and persistence are just as important as technical skills. Cybersecurity is a marathon, not a sprint—those who continually push boundaries and stay curious are the ones who rise to the top.
The Road Ahead for White Knight Labs
Looking into the future, John has a clear vision for where he wants to take White Knight Labs. Rather than chasing rapid expansion, his focus remains on quality, expertise, and influence. Over the next five years, he sees WKL:
- Expanding its global footprint by engaging with both private and public sector organizations.
- Hiring more world-class engineers, handpicking only those who align with WKL’s culture of excellence.
- Scaling advanced training programs, helping elevate the next generation of offensive security professionals.
- Deepening service offerings, ensuring clients are protected against the most sophisticated and emerging cyber threats.
“We want to stay at the forefront of the cybersecurity industry.” – John Stigerwalt
By staying true to its roots as a boutique, specialized firm while broadening its reach, WKL is poised to play an even more significant role in shaping the future of cybersecurity globally.
A Legacy Built on Integrity and Excellence
When asked what kind of legacy he hopes to leave behind, John doesn’t point to profits or accolades. Instead, he speaks of inspiring others—to aim higher, work harder, and never compromise on integrity.
“Cybersecurity offers opportunities for people with many different skillsets, but doing well requires time, dedication, and integrity.” – John Stigerwalt
For him, legacy is not just about building a company but about shaping an industry culture that values trust, collaboration, and continuous improvement. He hopes future leaders will carry forward the principles that have guided him: drive, curiosity, and above all, integrity.
