John Stigerwalt: Strengthening Cybersecurity Through Research, Training, and Practice

John Stigerwalt

Applying attacker-led research, practical training, and live engagement experience to close security gaps!

Problem solving often begins as instinct, a pull toward fixing what feels unsettled and making sense of what others find confusing. For some, this instinct grows stronger with time, turning into purpose rather than skill alone. That pull guided John Stigerwalt from his earliest days in technology.

John entered the world of information technology through a helpdesk role, where every request carried urgency and every solution carried impact. Each issue asked for patience, logic, and empathy, and these moments shaped how he approached work and people. Solving problems became a way of caring, a method of helping others move forward with confidence and trust.

As his experience deepened, his curiosity led him toward security, a field where problem solving demands foresight, discipline, and emotional control. He stepped into leadership and red teaming roles, learning to see systems from every angle and to think with responsibility rather than impulse. This perspective shaped his belief that true protection comes from understanding first.

That belief took form through White Knight Labs. John describes this moment with clarity and meaning: “Founding White Knight Labs enabled me to transform my passion for cybersecurity into a mission-driven enterprise, bringing together a team of experts committed to safeguarding businesses and enhancing digital security.”

Today, his journey continues with steady intent. Problem solving remains the centre of his work, guided by purpose, shared values, and a commitment to protect what others rely on every day.

Where the Interest in Technology Began

Careers in information technology often begin with structured education or formal exposure, but John’s connection to technology developed much earlier through personal curiosity and experimentation.

John has always had a great interest in technology. Even in his teenage years, he was often pushing the limits of what he could do with a computer, just to see what was possible. Understanding how everything works was always the core goal. That curiosity eventually carried him into his first professional exposure to IT. John believes that helpdesk is a great place to start when beginning in technology. It teaches how to work under pressure and pick up new information quickly.

Those early roles were not treated as stepping stones to rush past. He consistently aimed to deliver the highest quality service possible, regardless of the task. Over time, those expectations shaped his professional discipline. The habits formed during those early days reinforced the foundational skills that continued to guide him throughout his career.

When Curiosity Shifted to Offensive Security

For many professionals, career transitions are marked by a clear turning point. For John, the move into red teaming and cybersecurity leadership emerged more gradually, shaped by growing skill and a deepening interest in how systems fail under attack.

As his skills grew, he developed into an interest in how attackers break into systems and what can be done to prevent it. John would not describe this phase as being driven by a single defining moment. There was not so much a specific turning point as that was the direction that everything ended up pointing towards.

Over time, the logic of offensive security became difficult to ignore. Offensive security takes the attacker mindset and uses it to better defences and protect digital infrastructure. That perspective aligned naturally with how John thought about problem-solving and risk. It offered a way to apply technical depth while directly contributing to stronger, more resilient systems. This made offensive security the clear focus of his career.

The Principles that Shaped Leadership

As John moved into leadership and began building something of his own, decisions carried more weight. Growth, responsibility, and accountability became daily considerations rather than abstract ideas.
Never sacrificing quality or integrity for short term growth has been a core tenant. Building something sustainable takes time, discipline, and difficult decisions. Understanding the work, respecting the people doing it, and taking responsibility for the outcomes is what truly makes effective leadership.

There are moments in leadership where choices do not present a clear right answer. Those situations test consistency more than confidence. If he sticks to his values, commits to his decisions, and works hard, then he will never regret his choices.

Building the Consultancy the Industry Was Missing

The decision to start a company did not come from ambition alone. It came from repeatedly seeing what was missing in the market and knowing it could be done better.

White Knight Labs was designed as the consultancy that both John and Greg always wanted to work for but could never find. A company where the drive to be the best of the best was paramount and the attacker mindset is used to find and close the gaps before the bad actors get to them. Instead of providing box checking, standard penetration tests given by generalists relying solely on automated tools, White Knight Labs looks for deeper vulnerabilities only expertise and deeper inspection can find.

“My dedication, combined with a passion for protecting businesses, led me to establish White Knight Labs and drive its success.” –John Stigerwalt

Adapting in Real Time When Access Was Limited

Some red team engagements unfold exactly as designed. Others demand adjustment in real time. One particular operation tested the team’s ability to read the environment and act without hesitation.
One engagement that gave us a good challenge involved a physical access operation. The team was able to enter the building at night but had very limited access to the rest of the building. After assessing the constraints, the team determined that their best option for persistent access was to clone a badge from one of the cleaning staff.

They first attempted to walk past and obtain badge reads directly. They were unsuccessful after a few attempts and quickly recognized that suspicion was building and the cleaning staff were close to finishing their shift. At that point, continuing the same approach would have increased risk.

One of the operators noticed the staff moving toward a break room and took up position there. Posing as an employee working late, they initiated small talk with the cleaning staff and waited for the right moment. That interaction created the opportunity to ensure a clean and usable badge read. After several successful reads, the operator disengaged from the conversation. The team was then able to make duplicates without detection.

Staying Ahead of a Constantly Shifting Threat Landscape

In a field where tools, techniques, and risks evolve without pause, staying current is not optional. It requires discipline, curiosity, and consistent involvement beyond day-to-day operations.

The drive to always stay ahead of the curve, a strong involvement with the industry, and staying an avid learner is what keeps John ahead of cyber threats. This is an industry he has devoted himself to, and he is always looking for signs of innovation. New technology increasing the attack surface, unique attack methods gaining traction, anything that could affect the way they operate remains on his radar.

He encourages his team to stay up to date and to share what they discover. By sharing insights, the team can cut through the noise more efficiently. Beyond external learning, they also invest in internal progress. They conduct in-house research and development, actively looking for new exploits and building tools to improve processes.

By remaining involved with the wider cybersecurity community, they share their advancements and grow together, with the intent of contributing to a more secure digital environment.

Performing Under Pressure

High-pressure environments expose gaps in preparation quickly. John’s experiences outside cybersecurity mirror the same demands he encounters during complex security operations.

Like skydiving and martial arts, cybersecurity is a field where expertise and quick thinking are critical. In each of these disciplines, situations can shift without warning. You need to be ready to handle high stress situations when things go in unexpected directions, because at some point they will.

Those capabilities are not instinctive. These skills come with practice and study. By learning as much as possible about the task at hand and truly understanding all the ins and outs, he is better prepared to respond when pressure surfaces. When those moments appear, the ability to think fast and with confidence becomes essential for success.

Drawing the Line Between Work and Life

In an industry that never fully slows down, boundaries become a decision rather than a luxury. For John, protecting time is directly tied to performance and sustainability.

Setting clear boundaries on work and personal time is critical. Cybersecurity is a fast-paced field that can take away all of your time if you let it. In order to be at peak performance, you do need time to recharge and refocus.

Time is treated as a finite resource. Balancing time between the people he cares about, professional pursuits, and personal hobbies allows him to function at his best. Protecting those time boundaries remains important.

“It’s important to know when to step away.” –John Stigerwalt

Growing Through Shared Dialogue

Active participation in the information security community has played a steady role in John’s professional growth. Conferences, discussions, and public forums are treated not as visibility exercises, but as spaces where ideas are tested and refined.

Collaborative forums for discussion are among the greatest ways to accelerate personal growth and strengthen the industry. When engaging publicly, whether through presenting or discussion, it becomes essential that thoughts are well informed and research is thorough. These settings often surface perspectives he had not previously considered. Others bring forward ideas that open new paths for deeper understanding and further learning.

By contributing what he already knows, he enables others to gain knowledge for their own journeys. That information is then applied, expanded upon, and used to strengthen security postures across organizations, creating a cycle of shared progress.

“As cybersecurity is an ever-changing field, only those who are dedicated to innovation and excellence will drive the future of this industry.” –John Stigerwalt

Using LinkedIn With Purpose

In a crowded professional landscape, platforms can either amplify noise or distribute meaningful insight. John approaches LinkedIn with a clear intention.

LinkedIn is an excellent platform for professionals to stay up to date on what is going on in the cybersecurity industry. He uses it to remain connected with associates across the field while sharing his expertise and passion for red teaming with a wider audience. His goal is to help organizations around the world strengthen their security posture and better prepare for the ever-evolving threat landscape.

That effort is largely driven by highlighting the work being done at White Knight Labs. By sharing White Knight Labs blogs, the intent is to keep the industry updated on tactics, tools, and information considered important for everyone to know. This information is shared widely and freely to support collective improvement.

Training also plays a central role. Trainings is shared to help bring up the next wave of cybersecurity professionals. All programs are designed to be fast-paced, packed with information, and offered at an affordable price.

Planning for Scale Without Losing Focus

As the next phase of his journey takes shape, John’s focus remains on growth that strengthens both his organization and the wider cybersecurity industry.

John’s goal is to continue to grow White Knight Labs and further advance the cybersecurity industry. The plan includes expanding services while continuing to secure both the private and public sectors. Over the next five years, the organization expects to grow to nearly one hundred people on the services side and to release multiple additional certification courses.

Training remains a long-term commitment. The goal is to build offerings that equip up-and-coming professionals with the skills they need, from beginner levels through highly seasoned expertise.
“We want to stay at the forefront of the cybersecurity industry.” –John Stigerwalt

“At White Knight Labs, we embrace this dynamic environment. We constantly develop new strategies to address the ever-changing challenges faced by our clients.” –John Stigerwalt

Read the full magazine edition: Click Here