From Hacker to Cybersecurity CEO: Building Continuous Security Testing with Casey Cammilleri of Sprocket Security

We chat with Casey Cammilleri, CEO and founder of Sprocket Security, a Madison-based cybersecurity company that's revolutionizing how businesses approach penetration testing. Casey started as a solo penetration tester - essentially getting paid to legally hack into companies to find vulnerabilities - but realized he could help more organizations by building software to scale that expertise.

What makes Sprocket Security different is their continuous approach. Instead of testing once a year like traditional security firms, they monitor organizations continuously, testing whenever there are changes or new threats emerge, so companies always know what their risks are.

We explore Casey's journey from individual consultant to leading a team of cybersecurity experts, his approach to building company culture with both local and remote employees, and his thoughts on growing a tech business in Madison versus coastal markets. You'll also hear his practical advice for founders about when to focus on building versus pitching, and insights for anyone interested in getting started in cybersecurity.

Segments

00:00 - Intro
01:32 - What Sprocket Security Does: Continuous Penetration Testing
02:57 - Casey's Background as a Penetration Tester
04:44 - Building Software to Scale Security Testing
06:03 - Early Go-to-Market Strategy and Local Network
07:14 - Early Challenges of Scaling from Solo to Team
08:26 - Learning Leadership and Using Mentorship
11:51 - Hiring Strategy: Local vs Remote Talent
13:42 - Building Company Culture Across Distributed Teams
15:04 - Sponsor Break (Headway)
16:46 - How the Vision Has Evolved Over 8 Years
20:04 - Running MadSec: Madison Security Community
21:06 - Getting Started in Cybersecurity Career Path
23:04 - Advice for Breaking Into Cybersecurity
24:36 - Hardware Security vs Software Security Focus
25:49 - What Casey Loves About Building in Madison
26:53 - What Wisconsin's Tech Scene Needs More Of
28:23 - Pitch Contests and Capital: Casey's Perspective
32:43 - Build First, Then Sell: Casey's Bootstrap Philosophy
34:57 - Balancing Innovation with Customer Commitments

Key Topics Covered

→ Building continuous penetration testing from the ground up

→ Scaling expertise through software and automation

→ Early challenges of hiring and building company culture

→ Local vs. remote hiring strategies for specialized talent

→ Growing a tech business in Madison's startup ecosystem

→ When to bootstrap vs. seek investment funding

→ Getting started in cybersecurity and penetration testing

About Sprocket Security:

Sprocket Security is an expert-driven offensive security platform that provides continuous penetration testing. Instead of testing just once a year, they monitor organizations continuously and test whenever there are changes that impact security or new threats emerge.

Resources Mentioned:

Sprocket Security:

https://sprocketsecurity.com

Casey Cammilleri on LinkedIn: https://www.linkedin.com/in/caseycammilleri/

MadSec - Madison Information Security Group

https://www.meetup.com/madsec/

TryHackMe - Cybersecurity challenges and training

https://tryhackme.com/

🔻 Connect With Us 🔻

Subscribe to the Startup Wisconsin Newsletter

https://www.startupwi.org/

Upcoming Events (400+ every year)

https://www.startupwi.org/events

Follow us on LinkedIn

https://www.linkedin.com/company/startup-wisconsin/

Interested in being a guest? Reach out!

jacob@startupwi.org

Startup Wisconsin's mission is to connect, educate, inspire, and grow tech startup communities across the state, not just during events, but year-round. This podcast is part of that vision, creating deeper connections and sharing the knowledge that helps Wisconsin's startup ecosystem thrive.