In recent years, cyberattacks have grown in scale and complexity, affecting businesses of all sizes and industries. Today’s hyper-connected digital landscape has increased businesses’ reliance on technology, exposing them to a growing number of cyber threats and security breaches. A Statista study has revealed 3,158 cases of data compromise in the United States in 2024. Industries such as financial services, professional services, and healthcare recorded the most data breaches in the same year.
Another 2024 Statista report has also revealed that nearly six in ten organizations in the US were hit by ransomware attacks within the past year. Looking at these statistics, we can understand the necessity of preventing and combating such cyberattacks more rigorously. Companies with a weak security system are most vulnerable to such attacks, and this is where White Knight Labs (WKL) comes into play.
Embracing the Honor
The company stands at the intersection of battling cyberattacks and ensuring effective cybersecurity solutions for businesses. Awarded as one of the ‘10 Best Cybersecurity Companies of the Year 2025’ by The CEO Views, White Knight Labs stands out from the rest for its exceptional cyber security consulting services and solutions in Offensive Cyber Engagements. As the company always strives to be on the leading edge, Co-Founder John Stigerwalt takes this recognition as an honor for everyone at the White Knight Labs team and takes immense pleasure in being among the best.
A Tech-inspired Creation
WKL’s journey was driven by a collaborative vision of its two founders, John Stigerwalt and Greg Hatcher.
“Greg and I have dedicated our careers to information security and White Knight Labs is the culmination of that,” says John Stigerwalt.
John has been working with technology for his entire career, spending time as a network defender, penetration tester, and team lead on both defensive and offensive security teams, gaining a unique perspective on the entire security landscape. On the other hand, Greg has a background in the Army Special Forces, teaching at the NSA, and led a red team for CISA specializing in critical infrastructure.
“Our goal was to take this knowledge and experience to build a specialized offensive security company that brings the most possible value to defenders, showing them where they will see actual impact and how best to counter it,” adds John Stigerwalt.
Acing Offensive Cyber Engagements
White Knight Labs is built as a team of teams, with each team being made exclusively of specialized senior and principal-level engineers. WKL only includes professionals who have the strength to discover new exploits, develop tools, give back to the community through training others, and have given public presentations on their work. Instead of having junior and early-career engineers running their engagements, clients have seasoned professionals who have mastered their domain and know how to show the impact of their findings.
‘Much More than Just a Security Assessment’
When asked about the core meaning of the tagline ‘Much More than Just a Security Assessment’ during our talk with John Stigerwalt, he mentioned the lackluster penetration tests that network defenders often receive. Many have had to deal with reports that were not very actionable, the impact was unclear, or the report was just a scan from an out-of-the-box assessment tool. In response, WKL runs a model of 20% automated scanning, 80% manual testing, and proof of vulnerability.
“In a modern complex system, it is impossible to check every endpoint, port, and dependency so some automation is needed to ensure breadth of coverage,” mentions John Stigerwalt.
Some vulnerabilities cannot be found without a trained eye and a skilled hand which is something the White Knight Labs team provides.
Tools to Emulate Real-world Threats
Real-world threats rarely use out-of-the-box commercial tools. Most of these tools are detected by antivirus as soon as you try to do anything of consequence on a network. All their signatures and behaviors are known, showing plenty of red flags that EDR and NIDS can comprehend. Serious attackers utilize custom tools if they are not just going for the low-hanging fruit.
By acting like an actual malicious actor, WKL can better determine the client’s security posture and deliver a better result. The company has a wide range of services, such as advanced adversarial emulation, social engineering simulation, ransomware attack simulation, security auditing, and more, to help clients make clear decisions about business security.
Risk Reduction and Business Integrity: The Core
WKL keeps risk reduction and business integrity at the core of its offerings. It ensures its services align with each client’s unique business objectives and compliance requirements. In this context, while scoping a potential engagement with a client, WKL always discusses their experience with other offensive security providers and what matters most to their business.
White Knight Labs ensures that the engagement offered is tailored to the client’s security maturity level. Clients who did not have an actual penetration test before are not recommended to start with a full-scale Red Team exercise.
Simply escalating privileges from a basic user account to a Domain Administrator may not be enough for their non-technical leadership. In such a scenario, unlike other offensive security organizations, WKL shows clients their accessibility to critical data and processes and solves their issues step-by-step.
From One Vertical to the Other
WKL serves a wide range of verticals, from web applications to high-security networks. It follows a two-fold approach to tailor assessments across industries. First and foremost, they listen to their clients carefully and identify what is critical to their infrastructure, current security posture, culture around security, and direct concerns. The second focus is ensuring that their engineers come from backgrounds where they understand their clients’ needs.
“Our engineers have diverse technical backgrounds, giving us further insight into almost all of the verticals we come across,” emphasizes John Stigerwalt.
Even across technical specialties, WKL encourages its engineers to communicate to deliver the best possible service and actually understand the environments they are working in.
Dodging the Bullet
With a significant rise in cybersecurity threats in the previous years, 2025 is expected to fundamentally witness social engineering schemes and deployment at scale as the two biggest threats. It has long been said that untrained users and those given only negative reinforcement are the weakest security links. From a more technical standpoint, trying to keep up with the current deployment pace can result in mistakes, leading to breaches.
“Continuous Integration / Continuous Deployment solutions are easy to misconfigure, AI- produced code has been known to have huge security issues when not properly vetted,” shares John Stigerwalt.
Rightly trained individuals who are encouraged to speak up when they see something wrong can become the strongest asset. Shifting security left in the DevOps can help in catching problems long before they become an issue.
Navigating a Threat Landscape
WKL stays on top by focusing on its various specialties. Each of its team members is an extremely skilled penetration tester in their specialty, and WKL encourages them to remain up to date on their area of expertise. In John’s view, it is impossible for an individual to keep up with every change, but relying on each member with expertise in their area and motivating them to work together makes the situation more manageable.
Culminating a culture of Innovation
Innovation is deep in the DNA of WKL’s approach to ethical hacking. As co-founders, John and Greg lead White Knight Labs as a team dedicated to delivering custom-tailored penetration tests to achieve the specific objectives of each client organization. Pushing each other and the boundaries of what’s possible, John and Greg are propelling the company to new heights.
John believes that the key to a successful team lies in creating an environment where every member feels valued and has the opportunity to meaningfully contribute to the company’s success. He fosters a culture of open communication and idea-sharing, which not only drives innovation but also strengthens mutual respect among team members. It is important for him to provide his team members with opportunities for professional growth, recognize individual achievements, and ensure each of them feels motivated to excel.
Coping with High-Stake Cybersecurity
According to John, it is crucial to maintain a work-life balance and stay calm as an entrepreneur to ensure sustained success in the cybersecurity field. He sets clear boundaries between work and personal life, ensuring he has moments to recharge and refocus. “It’s important to know when to step away,” says John. ‘Jiu-Jitsu’ is John’s key to unlocking a healthy life, a way to keep himself strong and break away from the computer to clear his mind. He prioritizes family time as much as his work time, always taking time for his family and coming back to work whenever needed.
Envisioning WKL’s Future
John envisions WKL will broaden its reach and impact in the cybersecurity industry in the next five years. John sees White Knight Labs expanding its service offerings, particularly in areas like red teaming, covert operations, and offensive development. In addition to these advanced services, the company is also working on developing new certification programs designed for entry-level professionals eager to break into the field of penetration testing.
John remains committed to augmenting his expertise in cybersecurity on a personal level. His goal is not just to lead White Knight Labs but to guide it toward becoming one of the top 10 most recommended penetration testing companies globally. John is committed to driving the company’s growth and ensuring sustainable success in a competitive and ever-evolving industry.
Being a Beacon of Inspiration
“It’s good to have some generalist skills, but having a high level of mastery in a specific area can really make your career.” – John Stigerwalt
Exploring and taking advantage of all the existing training and networking opportunities is one of the most inspiring pieces of advice that John gave to aspiring industry professionals. As there has been a boom in the volume and quality of cheap and free resources, John encourages aspiring innovators to find an area that kindles their passion and be as good as possible in that area.
We always encourage our clients to take a holistic approach to their development and training wherever possible and keep security in mind for all business processes.
