Starting Point
Xyston was was founded in mid 2019, but before that there was a project brewing among friends. In the very early months of 2019 an idea was pitched to start a project between six young engineering friends, all working professionally on various DoD (Department of Defense) contracts. Of those six, five decided to invest their personal time and money into the project and agreed to collaborate together.
The When, What, Where and Why
After the five of us decided to unite for a common interest, the when, what, where and why still needed to be solved. It was decided rather quickly that we needed a place to meet regularly, so we decided to split the cost and get a small suite in the middle of downtown Huntsville. After we had a place we could collaborate in, we needed to figure out a product or service we could provide. Everyone had the opportunity to pitch a few ideas with some well thought out market research on what we thought an end user would like.
Before Xyston was Xyston
The five of us narrowed down the ideas to one, and thus our product and name was born. We decided to make a community driven Huntsville events mobile application. You could view live events to attend, you could also create an event for all other users to see. The app was given the name VentsGo and within a few months, we had our MVP (Minimum Viable Product) launched to the public.
The Pivot Point
After just a little bit of time with VentsGo deployed, we realized we needed to pivot. VentsGo may of had the chance to become something big for us, but it would have taken a big marketing campaign and none of us were in the position to invest big money into advertisements. We began having discussions about another hobby of ours, reverse engineering and hacking embedded devices.
Establishing Xyston
Xyston became an established company by the state of Delaware in mid 2019. Xyston continued to conduct vulnerability research in the embedded systems space with IoT (Internet of Things) devices. Not only were we expanding our knowledge in embedded systems vulnerability researching, but we had started attending the Catalyst Center under the Small Business Administration training sessions. These sessions walked us through the process of obtaining our DUNS number, selecting our Cage Codes, and even becoming SBA HUBZone certified. The Catalyst was one of the biggest support vehicles that helped Xyston gain a foothold to make ourselves valuable to many government contracting companies in the cybersecurity sector.
The First Dollar
Like everyone, the global pandemic made things hard on us. We felt like we were starting to pick up steam at the very begging of 2020 when we were set to have four FTE's (Full-Time Equivalent) working commercial work. Then everything came crashing down due to the Covid-19 virus. After a couple months of laying low in quarantine, we decided to start physically meeting again in order to see our path forward among a global pandemic. Happily for us, after a couple short months later we had our first commercial embedded system vulnerability research assessment on an industrial network switch that was being implemented into one of the largest power companies in the state of California. Xyston had officially made it's first ever dollar.
Where We Are
Xyston has now conducted vulnerability research assessments on some of the biggest names and devices available on the market today. Some of these devices include home security camera systems, 5G home wireless gateways, industrial construction equipment, children's smartwatches, and even POS/Back Office systems used in-stores at one of the biggest brands in coffee.
Looking Forward
With most of our owners having backgrounds in DoD, Xyston is poised to bring the same cyber operations being done in the commercial space into the DoD and the Missile Defense Agency (MDA). Having first hand experience on an engineering level with MDA and other DoD systems, we know there is a need for what we do and we believe it is only a matter of time until we start seeing a lot more requirements calling out vulnerability research and penetration testing on these systems and future systems to come.
Comments