When I say I don't configure other people's solutions but build my own from scratch, it is not arrogance - it is a deliberate choice. I spent years working with commercial SIEMs, enterprise EDRs, and off-the-shelf orchestration platforms. They work. But there is always that moment when you hit a wall: an integration that does not exist, a workflow that does not fit, a licensing cost that kills the project.
My philosophy was born working with Italian SMEs. These companies need real security, not sales decks. They cannot afford 200k/year stacks, but they deserve enterprise-grade detection and response. So I started asking myself: what if I built the stack myself, using open source components, wiring them together with my own code?
The advantage of owning your code
When you own the code, you own the problem. If a SOAR playbook misbehaves, I don't open a vendor ticket - I open the source. If I need Wazuh to talk to a custom honeypot, I write the bridge. That level of control is priceless when you are handling real incidents at 3 AM.
Presidio, Valta, Mirage - every platform I have built was born from a real need. Presidio was born because clients needed XDR without the enterprise price tag. Valta was born because available threat intelligence was either too expensive or too noisy. Mirage was born because commercial deception systems cost more than the infrastructure they were supposed to protect.
I don't build for the sake of building. I build because it is the only way to give clients exactly what they need, without compromises and without vendor lock-in.
If you want to dive deeper into this topic or need specialized consulting, let us talk.
Let's talk →