top of page
Cybersecurity leader focused on building & advising startups on product, GTM, & leadership
Portfolio
This page includes a non-exhaustive list of several key products that I directly led, owned, or authored. It does not include projects where I was a standard contributor. These could not have been accomplished without the hard work & collaboration of my fellow team members and employees for whom these would not be possible. I also want to give a thank you to customers, users, & contributors for their feedback, design partnership and trust in our solutions.
Surface Command
2024 launch of Rapid7's Attack Surface Management solution called Surface Command. Surface Command was disruptive on price & value by being the only solution of its time to include internal (CAASM) and external ASM (EASM) capabilities along with RBVM (Risk Based Vulnerability Management data) to give you the best visibility of the assets and identities that organization's are responsible for protecting. It consolidated several tools that organization's purchased across multiple vendors. This specific screenshot is of the new Attack Surface overview page. I was the product & GTM leader of Surface Command.
Surface Command Demo
Demo video providing an overview of Surface Command
Exposure Command
Exposure Command became Rapid7's dominant land & expand VM offering. Unified platform experiences brought together several capabilities including Attack Surface and Vulnerability & Exposure Management, and CNAPP capabilities to help customers measure and manage their cyber-risk program across hybrid environments. It aligns well to Gartner's CTEM (Continuous Threat & Exposure Management framework.). I was the GTM & Product launch leader for Exposure Command.
Quick Actions
Platform capability embedded in multiple Rapid7 products to provide users with quick and easy access to investigative & response tools. I led the product strategy & teams to embed SOAR capabilities across our platform to drive more user adoption and value.
Quick Actions List
List of enabled Quick Actions
Embedded Workflows
Platform capability embedded in multiple Rapid7 products to provide users with quick and easy access to SOAR workflows. I led the product strategy & teams to embed SOAR capabilities across our platform to drive more user adoption and value.
Embedded Automation Workflows Configuration
We designed and delivered embedded automation experience that can be used across the Rapid7 platform from multiple products.
Extension Library
Central place for customers and sales to see & install all supported integrations across the Rapid7 portfolio. I led product, design, & engineering to deliver.
Extension Library Search
Simple search to find integrations across Rapid7 products
Discussion Forums
Launch of Discuss, Rapid7's online community for customers and partners. Intended to drive product adoption & best practices by encouraging conversation, information sharing, and resolving issues. Aided in reducing support tickets.
Leaderboard
Tracker to recognize the top posters and contributors to the forums
insightConnect
Rapid7's SaaS based SOAR solution, launched in 2018. My team initially developed all the integrations & workflow use-cases, then ran all of engineering, then product management, and finally the full SOAR business including ~100 employees of engineering, design, product, and operations, growing insightConnect to over $20m in revenue and reducing customer churn by 4% in 2 years.
insightConnect
Workflow Details page designed to simplify the configuration of workflows
Komand
Komand was a Boston based cybersecurity startup that launched an on-premise SOAR solution. We were acquired by Rapid7 in 2017. I was a founding member and led the integrations team, use-cases, sales engineering, and evangelism of Komand.
Komand Workflow Builder
Simple view of the SOAR workflow builder
ISLET
I authored an open-source tool call ISLET (Isolated, Scalable, and Lightweight Environment for Training) that was used to teach Linux software such as GNU tools, cybersecurity tools, and more at universities and for-profit organizations. I also co-authored an academic paper on the tool that was published at XSEDE.
ISLET Components
The components of ISLET include: GNU/Linux, Docker, Bash, SQLite, GNU Make, and OpenSSH.
Mal-dnssearch
I authored a cybersecurity tool that searches log files for known network indicators of compromise. It can be easily installed on any GNU/Linux host.
https://github.com/jonschipp/mal-dnssearch
https://github.com/jonschipp/mal-dnssearch
PPS (Packets per Second)
Simple utility that calculates PPS, BPS, and percentage of line-rate (LR) from Linux kernel statistics by reading from procfs. Requires sysfs and procfs. It was painful to debug network traffic performance on hosts without installing other Linux packages. PPS makes it very simple with a single file script.
https://github.com/jonschipp/pps
https://github.com/jonschipp/pps
Nagios Plugins
I authored a collection of nagios-plugins that have been used in many organizations to monitor services. I have over 100 forks and starts on Github.
https://github.com/jonschipp/nagios-plugins
https://github.com/jonschipp/nagios-plugins
OSSEC AR Tools
I authored a set of Active Response actions for the OSSEC Host Intrusion Detection System. These are intended to provide more context to existing alerts in an effort to reduce the false positive count.
OSSEC Monitoring
I developed a set of Munin plugins to monitor the performance of an OSSEC deployment
ContainNSM
I authored ContainNSM, a tool that is used to easily different versions of network security monitoring tools
bottom of page