About
With over 60 years of combined security experience the TwinWave founding team is passionate about helping organizations combat security threats.
Over the years the team has worked on designing and building products including early IDS technologies, advanced malware detection solutions and one of the first SOAR products just to name a few. We are also frequent contributors to multiple open source security projects.
Why We’re Here
We started TwinWave to share our experiences building tools to detect, analyze and understand threats with enterprise security teams. Our goal for the TwinWave threat analysis platform is to reduce the friction of repetitive manual tasks typically associated with investigating threats.
Our customers are passionate about security, and our product, and they tell us that TwinWave isn’t a “typical” vendor. We believe this stems from listening to our users and creating products that empower security teams to do their jobs more efficiently and effectively.
Meet the Founders
Mike Horn
Co-Founder / CEO
My journey in cybersecurity started over 20 years ago with my first job working for a defense contractor installing firewalls and doing penetration testing for the Department of Defense. Since then, I have been fascinated with security, the constantly evolving threat landscape and understanding how threats work.
Over time my focus shifted from building things as an engineer, to designing products and working with customers as a product manager, to eventually founding and leading companies.
As one of the founders of NetCitadel, a cybersecurity startup, I wanted to bring automation to Security Operations Centers (SOC) to help them keep up with the growing volume of security alerts. This led to creating one of the first Security Orchestration and Automated Response (SOAR) products.
After NetCitadel was acquired by Proofpoint in 2014, I ran the product management and engineering teams responsible for their Targeted Attack Protection (TAP) Dashboard, Threat Response and ET Intelligence products. In that role, I worked closely with many enterprise security teams and saw firsthand what was working well and where they still struggled to find tools to make their jobs easier.
In 2019, I wanted to scratch my entrepreneurial itch again and I started TwinWave Security with Bryan and Will. We set out with a goal to help enterprise security teams analyze and investigate threats which led to our threat analysis platform.
When I’m not working I enjoy anything outdoors including skiing and chasing my daughters around the soccer field.
Bryan Burns
Co-Founder / CTO
I have spent my career building and leading teams of security researchers and analysts. In that time, I have learned that one of the toughest challenges within security organizations is that the security problems being solved require smart, creative individuals, but often the work we give them is monotonous and boring. We hire needle experts, but then occupy them with haystacks, and burnout is an all-too-frequent consequence.
As a leader, I have focused on building customized automation software to help my teams overcome this fundamental challenge. By doing so, my teams have been able to outperform larger teams, while enjoying their jobs much more. Architecting and implementing scalable and dependable software systems to solve real-world problems is my ultimate motivation.
Mike, Will and I all share this same passion for building tools to automate the repetitive and boring aspects of security work. When it came time for me to pursue my lifelong dream of founding a company, it was only natural that the three of us would combine forces to create TwinWave.
When I’m not sitting in front of a computer, I like to explore the pacific northwest by sailing, hiking and skiing with my family.
Will Metcalf
Co-Founder / Chief Researcher
I have over 20 years of experience in the security industry. At TwinWave I'm responsible for driving the creation of detection-related technologies and signatures. Additionally I take pride in my role of questioning Bryan's taste in the members of the band Genesis and his chosen side in the corn vs. flour tortilla war.
Before TwinWave, I was a principal threat engineer at Proofpoint. I like to think of this title as fancy wording for being a detection-related activities utility infielder. I went where I was needed and thought I could do the most good. My work at Proofpoint ranged from developing sandboxing technologies to creating behavioral, pattern, and machine learning-based detections.
I joined Proofpoint through their acquisition of Emerging Threats, a company focused on creating IDS rulesets for the Snort and Suricata IDS engines, where I was the director of security research.
I was also a founding member of the Open Information Security Foundation, initially a DHS-funded non-profit focused on building a next-gen network intrusion prevention software which resulted in the creation of Suricata.
I spent the beginning of my career in various infosec roles for state and municipal government entities.
I enjoy spending free time with my family and working on my two '80s movie cars.