A breach doesn’t start with a firewall alert or a blinking light. It starts with a quiet probe, a subtle misstep, a pattern only an attacker would notice.
At Nightwing, defenders don’t wait for sirens — they train like attackers, think like adversaries and use artificial intelligence to anticipate the next move before it happens. In an era where cyber threats move at machine speed, Nightwing’s approach is anything but reactive.
Most cybersecurity companies play defense. Nightwing doesn’t. The intelligence solutions firm, spun out of Raytheon in April 2024, takes an attacker-first approach, fusing offense and defense to stay ahead in a threat landscape being reshaped by AI.
Vice President of Cyber Protection Solutions Jon Check sees this long-term strategy as part of the “infinite game” of cybersecurity: Building for what comes next, not just reacting to what already happened.
Training Defenders to Think Like Attackers
To stand out in a crowded defensive market, Nightwing leans on its offensive heritage.
“Not many people provide offensive cyber services because, in the U.S., there’s really only one customer — the government,” Check said. “But the defensive side is a very crowded market, so you have to find ways to stand out.”
That mindset led to the creation of Nightwing Labs, an internal environment where defenders are trained in offensive tactics, techniques and procedures, including proprietary lessons not available in public programs.
This approach helped the company challenge assumptions across its customer base.
“[Customers] all think they’re OK, ‘We’re fine, we’ve got this under control — our pen test and our controls and the blinky lights tell us we know what we’re doing,’” Check said. “When we bring our offensive side, we have a specific offering, CounterTrace, and we always find something.”
CounterTrace, Nightwing’s cyber vulnerability assessment service, goes beyond standard testing. It simulates real-world attacker behavior to expose risks that compliance checks miss. In 2025, the service won the Cybersecurity Excellence Award for Threat Detection and Response. Nightwing also received recognition as Best Cybersecurity Company.
Building a Unified Cyber Workforce
Check said defenders often focus only on what’s visible in front of them, while attackers probe from unexpected angles.
“The attackers know what defenders are using,” he said. “They’re going to try to figure out, OK, how do I get around it? Or how do I get inside — not come from the outside in, but come from the inside out?”
Nightwing’s workforce model reflects that same attacker-informed approach. The company actively moves people between offensive and defensive teams to break silos and build understanding.
“When I started here seven years ago, that wasn’t really the case,” Check said. “Those teams weren’t really communicating well. We’ve done a much better job of that rotation, where in the past, once you were in one camp, you rarely left and went somewhere else.”
Sometimes, those rotations open new paths. Defenders discover they belong on offense, and offensive experts bring fresh perspective to defense.
“One of the most effective things for us is really moving people between the teams to drive that conversation to where they’re not seen as offense versus defense,” Check said. “We’re one team.”
AI on Both Sides of the Fight
As AI goes mainstream, attackers are already using it to scale low-effort, high-impact campaigns. Check pointed to phishing emails tailored to look like they came from his wife, linked to services they both use. These aren’t generic spam attempts; they’re fast iterations, optimized by machine learning.
Nightwing is using the same playbook. The company is correlating attack data, scanning vast environments for weak signals and predicting next moves before they happen. On the offensive side, AI helps identify similar systems, map how past breaches happened and flag how future ones might unfold.
The company’s speed has only grown since its spinoff.
“We can really make sure that we can identify what our differentiator in the marketplace is and what our brand is: cybersecurity and intelligence,” Check said. “Our speed to action has increased. We can be way more high energy towards the things we want to do.”
That energy shapes hiring, too. Nightwing isn’t chasing perfect resumes — it’s looking for potential.
“If you lose interest in something after an hour, you probably won’t be the greatest person to work with us,” Check said. “We’re going to do the last 5% [of a problem]. That’s super hard. That takes a lot of time.”
From Hazmat Cleanup to Cyber Missions
Long before he began his cyber career, Check was working on hazardous materials cleanup in Texas. One day, his coworkers were racing explosive liquefied petroleum gas tanks downriver using front-end loaders. After one close call, he made a career shift.
That move led to a job fixing PCs at a medical center, a stint in product development at Dell, and eventually, into mission-focused government cybersecurity.
Now, the problems he’s solving are tied to something bigger.
For over 25 years, the U.S. government has relied on Nightwing’s offensive cyber expertise in reverse engineering, computer network operations and vulnerability research — uncovering more than 1,000 exploitable vulnerabilities across desktop, embedded and mobile platforms.
“The best thing I can do across my career is ensure that after I’m long gone, there’s a whole group behind me,” Check said. “I’m not worried about people leaving Nightwing. I’m only worried about people leaving cybersecurity.”