Security is more than a job. It’s how we think.
Alpha Defense is a boutique offensive-security firm founded in 2006. For two decades we’ve been the team organizations call when checkbox security isn’t enough, and the quiet delivery team behind some of the largest names in the industry. We go beyond compliance to find the vulnerabilities that actually put you at risk.
Built by engineers who break things for a living.
Alpha Defense was founded on a simple conviction: most security testing is too shallow to matter. The industry had learned to sell automated scans dressed up as expertise, and real adversaries were walking straight past it.
We built the opposite: a senior-led practice where every engagement is run by an engineer who genuinely thinks and operates like an attacker. Over twenty years that approach has taken us from boutique penetration tests to hardening connected-device platforms deployed at massive scale, responding to live incidents, and serving as the trusted offensive-security team behind national accounting, consulting, and security firms.
We’ve stayed deliberately boutique. It’s why the person scoping your engagement is the same caliber of person running it, and why our clients stay with us for years.
Three things we don’t compromise on.
Human judgment, AI-amplified
Tools find the obvious. People find the dangerous. We lead with senior judgment and use AI to go further and faster, never to cut corners.
Partnership, not transactions
We build long-term relationships (many clients have trusted us for a decade or more) and treat your security as if it were our own.
Truth over comfort
We tell you what we actually found and what it really means, even when it is not what you hoped to hear. That honesty is the whole point.
Who you’re working with.
Bill Terwilliger
Bill founded Alpha Defense in 2006 and has spent his career at the deep end of offensive security. Before Alpha Defense, he spent over a decade at Harvard University in senior security roles. He was a founding member of Harvard’s Network Security Incident Response Team (NSIRT) and its forensics lab, where he led network and application penetration tests and chaired the university’s internal security working group.
His background spans hands-on penetration testing, incident response and digital forensics, reverse engineering, and security research, including prior classified security research for a government contractor. He remains active in the hacker and research community and has led Alpha Defense’s most demanding engagements, from large-scale connected-device platform hardening to high-stakes incident response.
PLACEHOLDER Certification list is representative; confirm/adjust against current team credentials.
Work with a team that takes it personally.
Two decades of senior-led offensive security, at your service.