We publish our tools, share our methods, and advance the field with every engagement. The best way to protect our clients is to raise the security bar for everyone.
We are a security research and consulting firm working across defense, technology, finance, and blockchain. Our teams take on our clients' hardest problems: designing and building new security technology, researching techniques that move the field forward, and reviewing high-stakes products before they ship.
Research model
Trail of Bits launched in 2012 because the security industry had a knowledge-hoarding problem. Firms competed on secrecy while the same vulnerabilities kept showing up everywhere. We took the opposite approach: solve the problem once, build a tool, and release it. Today we maintain 100+ open-source projects used by security teams worldwide.
Publish everything means exactly that. Our blog posts become reference material, our internal tools become community standards, and when we find a new attack pattern we build the detection for it and put it in everyone's hands. We do this because we think it is how security should work.
Most consultancies sell hours and hand you a report. We sell the output of work that shapes where the field goes next. We run multi-year DARPA programs, finish among the top teams in contests like the AI Cyber Challenge and the Cyber Grand Challenge, and disclose vulnerabilities in systems that dedicated security teams could not protect. When you hire us, you get the benefit of all of it.
Top talent
Our engineers are researchers first. Every one of them gets dedicated time to build tools, study what they find, and present it publicly, and that time is what keeps the bench sharp. The people who maintain Slither or write our post-quantum guidance are the same people who show up on your engagement.
"Our team is the most important investment we make. We take real pride in only accepting work we find genuinely interesting, engaging, and hard."
Dan Guido, CEO and co-founder
Leadership
Co-CEO
Leadership
Chief Scientist, Research
Also Engineering
Leadership
Engineering Director, Blockchain
Also Engineering
Leadership
CEO
Leadership
Engineering Director, Cryptography
Also Engineering
Leadership
Head of Research & Engineering
Also Engineering
Sales & Partnerships
Sales Manager II
Operations
Project Manager
Operations
Contract Support Specialist
Operations
Staff Program Manager
Engineering
Staff Security Engineer
Engineering
Senior Software Engineer
Engineering
Principal Security Engineer
Engineering
Staff Security Engineer
Engineering
Senior Security Engineer
Engineering
Senior Security Engineer
Engineering
Principal Security Engineer
Engineering
Staff Security Engineer
Engineering
Senior Security Engineer
Engineering
Principal Security Engineer
Engineering
Principal Security Engineer
Engineering
Principal Security Engineer
Engineering
Senior Security Engineer
Engineering
Principal Security Engineer
Engineering
Senior Security Engineer
Engineering
Principal Security Engineer
Engineering
Principal Security Engineer
Engineering
Principal Security Engineer
Engineering
Senior Security Engineer
Engineering
Principal Security Engineer
Engineering
Security Engineer II
Engineering
Senior Security Engineer
Engineering
Security Engineer II
Engineering
Security Engineer II
Engineering
Senior Security Engineer
Engineering
Senior Security Engineer
Engineering
Staff Security Engineer
Engineering
Principal Security Engineer
Engineering
Senior Security Engineer
Engineering
Staff Security Engineer
Engineering
Senior Security Engineer
Engineering
Senior Security Engineer
Engineering
Engineering Director, Machine Learning
Engineering
Staff Security Engineer
Trail of Bits timeline
These milestones explain why the roster is organized around published tools, research programs, and public artifacts rather than generic practice lines.
2012
We set out to publish security research and tooling to raise the bar for everyone.
2015
Competed to build autonomous vulnerability discovery systems as part of DARPA's Cyber Grand Challenge.
2016
Expanded osquery to support cross-platform endpoint security monitoring.
2017
Open-sourced Manticore, a symbolic execution framework used in DARPA research.
2018
Released Slither and Echidna, now industry-standard tools for smart contract security.
2019
Launched iVerify and co-founded the osquery Foundation with the Linux Foundation.
2024
Selected for AIxCC and awarded $1M to build an AI-powered Cyber Reasoning System.
2025
Won second place at DEF CON 33 and open-sourced Buttercup.
Work on problems that matter
Join Trail of Bits
Our mix of novel research and practical work reduces the risks our clients face from emerging technology, and it pushes the whole industry's understanding forward.
Join a team of experts
Tired of being the smartest person in the room? Trail of Bits is full of research engineers who break security problems and ship open-source fixes every day.
Work on problems that matter
From securing blockchains to DARPA programs, our teams have touched nearly every kind of product that depends on a secure foundation.
Remote first, always
While the rest of the industry calls people back to the office, we believe the best work happens where people work best. Annual off-sites bring the team together to build and learn.
