Steve Springett Advisory
Contact

Start a conversation

I read every inquiry personally and reply within two business days. Introductory calls are free and carry no obligation. The goal is to figure out together whether an engagement makes sense.

Get in touch

Send a note

Chicago Northshore, Central Time. Replies personally, within two business days.

What can I help with?

Select any that apply. Most engagements blend two or three.

A few lines is enough. What you are working on, what outcome you are trying to reach, any timing or regulatory pressure.

Your details are used only to respond to this inquiry. They are not shared, sold, or added to any list.

What to include

A useful first message looks like this

You do not need to fit a form. The points below just help me respond with something more useful than a generic reply.

  1. Your role and organization

    Title, company, and a short description of what the organization builds or operates. Public or private, regulated or not.

  2. The situation you are in

    Are you responding to a regulatory deadline, a customer request, a board question, an incident, or a strategic bet you are making? The distinction shapes the advice.

  3. What you have tried so far

    Tools you have piloted, frameworks you have considered, teams you have engaged. I will not duplicate work you have already done.

  4. The outcome you want

    A one sentence description of what good looks like three to six months from now. This is the single most useful thing you can send.

  5. Constraints

    Timeline, budget range, procurement process, confidentiality needs. Be honest. I will be.

What I do not do

Honest about scope

A short list of things I politely decline, so you can route your inquiry faster if needed.

  • Endorse, resell, or promote commercial products. My work is deliberately vendor neutral.
  • Build turnkey tooling or take on long term staff augmentation. I advise, teach, and oversee.
  • Write marketing content, co author vendor whitepapers, or appear at sponsored sessions without independence.
  • Take engagements where the expected outcome is a predetermined conclusion rather than an honest finding.
Other ways to reach me

Channels, briefly.

  • LinkedIn. Good for quick questions, press inquiries, and community conversation.in/stevespringett
  • GitHub. Open source issues, pull requests, and working group participation.github.com/stevespringett
  • OWASP Slack. Drop into the CycloneDX and Dependency-Track channels on the OWASP Slack workspace.owasp.org/slack
  • Ecma International Technical Committee 54 (TC54). Working group participation is open. Details on tc54.org.tc54.org

Still deciding?

Browse the resources page. Much of what a first engagement opens up is available there, openly, for no cost. If after reading you still think we should talk, I will be here.

See resources About Steve