Who We Are
Relentless in Mission. Realistic in Practice. Resilient by Design.
The leading platform for Adversarial Exposure Validation (AEV)
We help security teams make better decisions by continuously measuring how adversaries can exploit gaps across people, processes, and technology.
Our platform goes beyond testing individual controls. We deliver the insight needed to prioritize exposures, validate safeguards, and guide strategy — so you can move from reactive response to proactive readiness.
Whether you’re a Fortune 500 enterprise, a federal agency, or an MSSP, we help you operationalize threat-informed defense and prove resilience at scale.
Our Story
From Testing to Decision Support. From Validation to Exposure Management.
Founded in 2014, AttackIQ pioneered the Breach and Attack Simulation (BAS) category with the industry’s first commercial platform. But as adversaries evolved, so did we.
Today, we lead the market in Adversarial Exposure Validation (AEV), providing automated, production-safe testing aligned with the MITRE ATT&CK® framework and built to support Continuous Threat Exposure Management (CTEM).
We’ve moved beyond security control validation to deliver complete exposure management. Our platform helps organizations understand how attackers move, where defenses fail, and which exposures matter most. The result is smarter, faster, and more risk-informed decision-making.
Security teams trust AttackIQ to:
Our Mission
To Make the World Safe for Compute
Software powers our society, from critical infrastructure and global finance to the mobile devices we use every day. But as our digital footprint expands, so does our attack surface.
Attackers exploit the gap between how security is supposed to work and how it actually performs in production. That’s why we focus on validating not just vulnerabilities, but how adversaries move through real environments—and whether your controls, configurations, and compensating safeguards actually stop them.
By aligning security with real-world threats, we help ensure the systems we rely on remain secure, resilient, and trustworthy.
Our Vision
Turn Security Into a Strategic Advantage
Most organizations treat cybersecurity as a reactive cost center. We’re changing that.
AttackIQ empowers security teams to transform their programs into proactive, data-driven enablers of business resilience.
We envision a world where security is:
We help teams move:
AttackIQ Core Values
One Team
We win together with urgency, honesty, and shared purpose.
Impress Every Customer
Exceed expectations every time. Listen deeply. Deliver real value.
Do the Right Thing
Act with integrity, even when no one’s watching.
Innovate With Purpose
Challenge norms. Push boundaries. Raise the bar for cybersecurity.
Operate with Transparency
Own mistakes, share information, and celebrate wins.
People First
Support the whole person with flexibility, wellness, and trust.
AttackIQ Leadership Team
We’re guided by industry veterans and co-founders who understand both the complexity of cyber threats and the realities of enterprise operations.
Brett Galloway
Chief Executive Officer
Stephan Chenette
Co-Founder and CTO
Rajesh Sharma
Co-Founder and Chief Architect
George Tomic
Chief Development Officer
Carl Wright
Chief Commercial Officer
Eric Yeaman
Chief Financial Officer
Pete Luban
Field CISO
Eric Woerner
VP, Platform Arch & Eng
Jose Barajas
VP, Global Sales Engineering
Brandt Mackey
VP, Field Engineering
Rob Stitch
VP, Product
Jon Baker
VP, Threat-Informed Defense
Paul Reid
VP, Adversary Research
Jeffrey Rogers
VP, Customer Success
Maarten Kok
VP, EMEA & Global Channel
Our Investors
We’re backed by leading investors who understand the critical role cybersecurity plays in global resilience and who believe in our mission to make the world safe for compute.
Join Us
We’re on a mission to close the gap between threat and readiness—and we’re hiring across roles. If you’re ready to challenge assumptions, collaborate with the best, and help shape the future of cybersecurity, we’d love to hear from you.
Find your opportunity