* In my particular line of business, the quality of one's website has vanishingly little to do with success. We have a cookie-cutter front page that says cookie-cutter things; its purpose is to confirm that we are, in fact, a real business. It succeeds at that.
* I have no doubt whatsoever that people outside software security, or maybe even new entrants in software security, have much to gain from press hits. But "fresh hits" do very little for us.
* Only a very small minority of our business is "event driven", such as when a CEO realizes he has an immediate security problem. We're an engineering service. In the overwhelming majority of cases, we're working for other engineers and their product managers who've known for ages that they need help with security; we get engaged when it makes sense in the budget and the dev cycle to engage us.
We're one of the largest pure, dedicated software security firms; we're also one of the more mature/established of them. Most of our business tomorrow will come from executing competently today; people who can reliably flush security flaws out of arbitrary pieces of software are in short supply and high demand.
* In my particular line of business, the quality of one's website has vanishingly little to do with success. We have a cookie-cutter front page that says cookie-cutter things; its purpose is to confirm that we are, in fact, a real business. It succeeds at that.
* I have no doubt whatsoever that people outside software security, or maybe even new entrants in software security, have much to gain from press hits. But "fresh hits" do very little for us.
* Only a very small minority of our business is "event driven", such as when a CEO realizes he has an immediate security problem. We're an engineering service. In the overwhelming majority of cases, we're working for other engineers and their product managers who've known for ages that they need help with security; we get engaged when it makes sense in the budget and the dev cycle to engage us.
We're one of the largest pure, dedicated software security firms; we're also one of the more mature/established of them. Most of our business tomorrow will come from executing competently today; people who can reliably flush security flaws out of arbitrary pieces of software are in short supply and high demand.