A modified Hard Time XL frame from The Cruiser Shop in Campbell, California with electronics by Grin Technologies and powder-coated finish to bring out the heat marks at weld points.

It was a hot summer afternoon in Pleasant Hill, California and I stood back, sweaty and irritated, debating whether the best path forward was to drive this two year project to the dump. The lead acid batteries, the entire two-person bike, all the custom mounts. Even the tools were cursed at that point. I didn’t care about heavy metals seeping into the soil or repurchasing new end wrenches, needle nose plies and sockets. The whole situation was an expensive, time-consuming disaster with no end in site. I never wanted to look at it again.

Reviews are critical to employee, manager and corporate health. A lack of regular feedback can create misunderstandings when it comes time for annual reviews, it can lead to compensation or promotion shocks and a lack of strategic delivery on products. I’ve been hiring lots of people lately and explaining my review process verbally, which means it’s time to write it down and circulate instead. Maybe it’ll be useful to others too.

I’ve been managing people for going on 15 years. When I ran my private investigation agency, I focused on bringing money in the door, finding the best contractors and…


“When you were in the studio doing Loaded, what were you doing?”

“I have no idea.”

Andrew Weatherall wasn’t lying when he described the process of remixing his first song. One of the band members from Primal Scream liked the records he played at a nightclub and asked if he’d remix it for 500 pounds. Weatherall had never been in a recording studio before.

“I wanted to tear it apart, but I didn’t want to upset anyone,” Weatherall said. “I was new to this game… His words were ‘just fucking destroy it man.’

Hosting a panel has always been a professional goal of mine. The back-and-forth exchange frees experts up for more conversational chatter, the watercooler stuff that never makes it into a rehearsed talk with a slidedeck. So when my VP asked to come up with security metrics at CircleCI, that meant asking people in my network questions and… bang! There was my first panel.

Trouble was, it had to be virtual and I’d never seen one. To be clear, I didn’t do this solo. Everything turned out great thanks to a bunch of conversations with people who’d held them in the…

This is part one of a four-part series about measuring security at a startup. The others include: Measuring Capacity in Security, Security Frameworks Explained and Assessed For a Startup, and How We Measure Security at CircleCI.

“I need metrics to report up the chain,” my VP said. “Security is notoriously hard to measure. We still need to do it.”

Our team was growing, spending more money and ingesting more people/services than anyone could plausibly keep an eye on. It was a reasonable request. I wanted better insight too.

During the first half of 2020, I tried to squeeze in google…

This is part of a series answering interview questions submitted to Glassdoor.com for security engineer jobs. All questions are available at my Github page. I’ve also started using them as a way to teach my son about computer science so we write some of these together. Did you find something incorrekt? Please let me know. Accuracy is imperative.

Way back when I started using the internet, I used Hotmail.com for email. I had to type my username and password to access the authenticated dashboard for viewing my email. However, if I used that same browser window (this was before tabs)…

A few months ago, I had a nebulous problem that affected multiple stakeholders on multiple teams. A hot potato causing problems for lots of people. Nothing burning, but definitely irritating. The VP who oversaw all of us said, “Write a problem statement and book a meeting.”

Great idea until I went looking for a template. We didn’t have one internally so I turned to Google, which produced lots of templates that all felt out of date. Gahk. Yak shaving. Guess I’d have to learn how to write a problem statement before I could start solving my own problem.

As a…

One of my favorite introductions to a new boss happened last year on his first day. He sent me a blog post that explained what he’s like to work with. Documentation? On a manager? This was off to a good start.

Working with me shouldn’t be a mystery so I put my own together. The process helped refine my values and that’s a good thing. It’s broken out into four main sections: What I’m Like, What It’s Like To Work For Me, What Influenced Me As A Leader and What I Value.

What I’m Like

  • I’m a dad, exercise a lot (with an…

When I was a middle schooler in Wyoming, hunting/fishing/ranching and all that had no appeal. My interests largely came through MTV when it still played music. That was my window into the world outside Wyoming, where I learned about people different from me and could pick/choose what appealed to me.

A song called 3 AM Eternal came out in 1991 with dance beats, gospel singers, World War II style radio dispatches, foggy European runways, lasers, a rapper who looked intellectual and a headbanging guitar player wearing a raincoat. I loved everything about it instantly, secretly and absolutely. No one told…

A lot’s already written about Principles by Ray Dalio and its even an App. So what do I have to add? An anecdotal feature about how it influenced me to shut down my own company (yes, you read that right), pivot 90 degrees into something tangential at the time and find what I’d been trying to build through a different avenue.

I first heard about Principles when Bridgewater Associates recruited a friend of mine working in investment banking.

“Not for me,” he said, or something similar. “It’s a weird place. The founder wrote a manuscript that every employee is required…

Tad Whitaker

Security, Builder, Dad

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store