Moving Research into Practice

Cordyceps provides targeted information security services to address strategic challenges in the U.S. public and private sectors. Our clients range from U.S. federal government agencies to financial sector companies and cutting edge software development organizations.

Our team is highly experienced in both high-level strategy and technology security consulting, providing an invaluable partnership between applied computer science and real world impact. Our research and development group focuses on technical solutions and their implications on the systems surrounding them.

In other words, we know how to break systems and occasionally, what to do about it.


Applied Research

We blend proven techniques with innovative technologies: modern fuzzing, automated binary analysis and exploitation, large scale graph databases, and natural language processing. Our research is tailored to customer requirements with a focus on repeatable and scalable solutions.

Risk Management

Cordyceps blends a strategic and technical approach to assessing and prioritizing threats. From national defense programs to financial infrastructure, we review your systems in the context of the threat landscape specific to your industry.


We provide training services in information security on topics ranging from offensive capabilities to national security and big data analytics. Our offerings include conferences, seminars, classes, and workshops for both a general audience and as intra-company sessions.

Vulnerability Research

We research and exploit new vulnerability classes in high priority systems.

Big Data Analytics

Our goal is to identify valid signals within large data sets and the valuable correlations between and within them. In our experience, this is often aided by outside annotations to the data that highlight extra-dimensional relationships.

Policy Analysis

Cordyceps has expertise in export control and other complex aspects of modern national policy when it comes to offensive cyber technologies. We are often called to help predict the effects of new regulatory environments or investments.


Cordyceps is a group of highly experienced information security professionals with decades of experience implementing strategy and technology solutions in both the public and private sectors. We use a matrixed approach to make sure each project receives the support it needs and the appropriate access to information, whether open source or proprietary.

Partner: Dave Aitel

With a successful career in the National Security Agency and then founding and exiting Immunity, Inc., Mr. Aitel has a proven track record in building teams that produce next-generation information security technologies.