Tessian Culture
Seriously Tech, It’s Time to Ditch the Zero-Sum Game
By Sabrina Castiglione
06 January 2021
In the spirit of the late-90’s classic, 10 things I hate about you, here are 10 things I hate about how my industry thinks about Diversity: Assuming Diversity = Inclusion 1D-diversity: focus on only one of gender, race, sexuality, etc. Diversity as just a hiring problem Inclusion as just a People/HR team problem Ending the convo after unconscious bias training PR without follow-through Leaving D&I to the affinity groups Assuming Equality = Equity Lack of measurement  The Zero-Sum Game I could talk about any of these, but the zero-sum game is the one that doesn’t get spoken about anywhere near enough. An example: The gender gap in tech
Here’s a simplified version where we take gender as an example.  To make the numbers easier to understand, let’s imagine that the tech industry is 75% male, 25% female (this is generous; women make up c. 24% of Technology positions). Every Tech company:  ‘We want a 50/50 gender balance’  Does dedicated diversity sourcing, asks for diverse shortlists, shouts a lot about diversity, has a fancy policy, etc etc. Also many Tech companies:  Does nothing to improve the gender diversity of the overall industry pool This is crazy. If there were 100 tech workers in the whole world, 25 were female and 75 were male, and there were two 50-person tech companies out there… if one of those companies actually achieved a 50/50 gender split, the other company would be at 0/100.  This is, at best, a local, not global success.  The tech industry’s diversity push is one never ending tug of war, yet this is the zero-sum game and the approach most tech companies take. So what does really caring about diversity look like?  TL;DR: bringing up a more diverse next generation.  Stereotypes are insidious and start at an early age – way before workers enter the workforce, even before students pick their disciplines in school that affect how they enter the workforce. There’s even evidence to suggest these stereotypes are there before children even learn to read.  And these stereotypes tell minorities that technical, high-paying jobs in tech aren’t for people like them. We’re only going to solve the diversity problem in tech by going to the source, where there are two issues:  Not enough diverse people entering the technology workforce (whether out of school or switching later in life); and  The pipeline is leaky – diverse candidates are more likely to exit the tech industry (for caring duties, personal reasons, or discrimination) than those in the majority. Inclusion initiatives should help with the second facet – and there’s been great work by many tech companies to shift to more human-first working patterns, practices and policies to shore up the leaks. But there is a lot of work to do to combat the first challenge & get more people into tech in the first place.
What you can do to support diversity in tech So, tech companies out there, here are three things you can do to get us out of this zero-sum game: 1. Support early-age initiatives Awareness of future career opportunities in diverse populations is a challenge. At Tessian, we’ve been working with organisations such as the WISE Campaign’s Young Professionals’ Board whose mission is to inspire, engage & advocate for the next generation of STEM (science, technology, engineering and maths). Gisela Rossi, Tessian Engineer & WYPB member has been supporting initiatives such as the Tara Binns book series working to break down stereotypes in children aged 5-11, and running competitions to engage children in these industries. There are many great organisations out there such as the WISE Campaign, and STEM.org, but don’t just donate dollars – donate voices, and donate time. 2. Go back to school On that note, volunteering initiatives are powerful. We encourage our Tessians to take volunteer days & outreach to schools to raise the profile of voices in tech, and evangelize that tech can be for anyone. Don’t just leave it to teachers – show the promise of these roles to the next generation, don’t just tell them about it. A quick tip is to reach out to local schools – especially those that lack the resources to explore these subjects. Local alumni speakers who are actually in these industries are a quick and simple way to show children that there are real opportunities out there for all people – including people like them.  3. Grads Grads Grads (& Career Changers) Yes, you need diversity at the top too, but if all your roles demand 5+ years of experience, the next generation of diverse candidates is never going to arrive.  As soon as you reach a critical mass, you need entry-level programs and paid internships – and yes; they have to be paid, because unpaid internships are only viable for those who can already afford not to bring in earnings.  What about at Tessian? At Tessian, we were less than 15 people when we hired our first intern, and we’ve run paid internships (sometimes in full blown programs, sometimes ad-hoc) and brought in young talent ever since. And we’re hiring our next engineering grad intake now. Yes – it’s going to eat up some management time, but in my view, any tech company with a decent cash balance that isn’t running either paid internships or entry-level programs, isn’t taking diversity seriously in a meaningful sense. Doing the right thing, and running a human first company can be hard; the benefit of the initiatives will be felt by the tech industry in 10 or 20 years’ time, not the tech industry of today.  The ROI in your one to three year business plan isn’t going to bear the fruit of these initiatives, but folks, we have to solve this: we have a huge skills gap in tech and cyber security, where there are high paid jobs sitting vacant for lack of interest and training.  As an industry with so much promise and so much investment, we need to stop looking inwards and start looking outwards to the global tech ecosystem, or our diversity initiatives will just be us forever chasing our tail.
Tessian Culture
Why Shutting Down Tessian Was The Best Decision We Ever Made
By Sabrina Castiglione
24 December 2020
When we set out to define our values, we asked our people what being a Tessian meant to them. The value that was born out of this – now our first and foremost value – is Human First.  Human First is the value we’d always had but never captured in words. As soon as it crystallized, it was everywhere. Within weeks you would hear it in every other meeting, it would be the first question in every decision that touched our people, and it merged completely into how we think about our mission; even more than being a cutting-edge technology company, we’re a cutting-edge human company, building for human beings as they are, not how security standards want them to be. So what does it mean to be a Human First company in the age of coronavirus? Like many companies a lifetime ago (March 2020) we went remote overnight. A formerly office-first company, we’d naively expected lower productivity & that everyone would be more relaxed not having to travel to and from the office every day. We were so wrong.
A couple of weeks in, once the novelty of an extra hour in bed had worn off and we had realized that being remote wasn’t stopping work getting done, we started to pick up on themes – people working later and later, more and more questions in our employee engagement platform about mental health, self care, and dealing with stress.  We talked a lot more about our Employee Assistance Program and we told people they should still try & take their paid leave. But compounded by being confined at home, those who managed to take leave found that they couldn’t help but gravitate back to their phone & laptop, with email & messaging pinging throughout the day (and night, since we’re an international team). Our Tessians couldn’t switch off with no-where to go and the spectre of their inboxes piling up and up. We knew we needed to stop saying things, and needed to do something big, fast. So we shut down the Company. (For a day.) Why? Let’s roll back a moment. We asked people why they were struggling to switch off, and we listened to their fears of letting their teammates down with so much work going on, and the creep in hours to find overlap time with their international colleagues.  We realized that unless all our Tessians – from the CEO, to our newest graduates – were all offline, it was hard for anyone to be offline. Enter Refreshian Day.
Refreshian Day is not a vacation or holiday day. It’s a paid day we give to our Tessians, to do what they need to do to take care of themselves, when all Tessians are offline, together. When we know our people have been, or will be, working even harder than usual to bring our vision to life, it’s important to give something back. Our first Refreshian was in July; our second, October. And today we’ve announced our third in February 2021.  We ask only two things of our people on Refreshian day: Don’t work Take time to take care of you Being human means one size never fits all, and our Tessians have variously taken long walks, spa days, watched sunsets, crafted pottery and baked a lot (lot, lot) of bread. Being a human first company means giving our people the space and time to revel in what makes them unique – even if it means shutting everything down from time to time.
How would you spend your Refreshian day? Join us and find out.
Tessian Culture
Our Journey Towards Diversity and Inclusion
By Jade Jarvis
18 December 2020
Over the past few months, Tessian has been taking steps towards creating a more diverse and more inclusive place to work.  Why? Because We’ve acknowledged that we’re not as diverse as we want to be. But, we’re committed to making a change.  Why is this so important to us?  Of course, there are many reasons (just a few mentioned by our very own Tessians) but the two main drivers are for:  The individual: it’s the right thing to do. Diversity is infinite and everyone should feel valued for who they are and have the opportunity to bring this to work.  Our future: With diversity of thought, we can be a better Tessian. This will enable us to not only challenge the status quo and stay ahead of innovations, but also create opportunities for more people to be a part of our journey.  We know this isn’t something we can change overnight, but we’re already making small positive moves in the short-term as we work towards those bigger, long-term changes.  Most importantly, we simply want to make a difference where we can. This is an industry-wide problem. That means it involves every single one of our Tessians. So, where do we start? We believe the first step is understanding and awareness, combined with action and change. This is what prompted us to begin our Diversity and Inclusion learning journey.  The Journey  We partnered with Jeff Turner to build and deliver our D&I learning journey for everyone to experience together – to learn, connect and come together as one company.  Two key aims for the program were:  Shared understanding: Part of the training was to socialize D&I terms; to not only get everyone ‘speaking the same language’, but also to create a safe environment for people to ask questions and learn about each other’s different perspectives.  Building connections: We chat to some of our colleagues every day. But, how many times do you get the response ‘Good, thanks’ when you ask someone how they are? I bet almost every time! We wanted to give people the chance to build connections across departments at Tessian and encourage people to share deep experiences that they otherwise might not have.  The program consisted of three sessions (described very high-level below) and each were delivered two weeks apart:  Diversity: Appreciating our differences and knowing that everyone brings value to the workplace.  Unconscious Bias: Accepting that everyone naturally has their own biases which have formed over time based on our life experiences, preferences, education – all the things that make us who we are. And importantly, recognizing that we can make the unconscious, conscious by challenging our own biases when making decisions.  Building Inclusion: Consciously ensuring our behavior is inclusive and learning how to appropriately call out exclusive behavior including microaggressions.  There were 25+ people involved in each session. Importantly, these people dialed in from all around the world. This enabled the sessions to be interactive. We also learned from feedback that these smaller, diverse groups made people feel safe and encouraged everyone to share their personal experiences. No judgement.  But we didn’t want these sessions to be the only place where people talked about Diversity and Inclusion.  To ensure the conversation continued throughout the business, we sent out pre-reads with three key learning objectives and three things to think about ahead of the session and post-reads with the top three takeaways and suggested follow up actions. 
What did we learn?  We’ve had exceptional feedback following the completion of this program and already feel like it has had a positive impact on our company culture.  The essence of the feedback is that the program genuinely encouraged deep self-reflection and learning. People have told us that not only have they already learned things that will change how they behave going forward, but that it’s been an amazing bonding experience with their colleagues – which means even more in this period of remote worklife.  A few direct quotes from our employees: “Best D&I session I’ve had – it didn’t focus on the more obvious points of diversity but delved much more deeply into what makes each of us different.” “IT WAS BLOODY AWESOME.” “I love these sessions, they challenge your perceptions and make you know other people you work with better. I am honestly sad that there’s only one left.” It doesn’t end there… As we’ve said, there’s no quick fix here. We have to keep working together to enable change.  Our culture is highly collaborative and that’s why it’s so important to us that we’re co-creating solutions and actions with Tessians as we go – to find out what they want, what they need, and how we can learn together along the way.  Here are a few ways we’re continuing to push forward:  Inclusion competition: We’ve asked people to submit their ideas for what we can do to create a more inclusive place to work. Ideas will be judged based on potential impact, scalability, and originality. We’ve already received some great entries so far. Watch this space!  ‘Managing Inclusively’: In 2021, Jeff will be back to deliver an additional session exclusively for our managers. Here we will go even deeper – talking about privilege and the power that we disproportionately hold as managers, and how to use this power to create change. D&I report: For the first time ever, we’ll be internally publishing a D&I report to share key metrics and what these metrics mean. Transparency is an essential component. We expect to uncover a lot of home truths that will lead us to building the right solutions for Tessian. We have a long way to go on this journey of creating a better Tessian and a better world. We will continue to share as we go along, and would love to hear from anyone interested in coming on this journey with us.
Tessian Culture
Customer Success: Lessons Learned in 2020
By Henry Trevelyan Thomas
16 December 2020
What a year! As 2020 draws to a close, we wanted to take some time to reflect on some awesome wins and what we’ve learned through a tumultuous year. I’ll try my best to not mention “Zoom fatigue”, “the new normal” or “unprecedented”.  Here goes nothing. 2020 in numbers 👨‍👨‍👧‍👧 We spent more time with our customers than ever before with >1000 customer review meetings taking place 💻 We onboarded our 200,000th employee on to the Tessian platform  ❌ We detected or prevented 450,000 misdirected emails and advanced spear phishing attacks, and over 2,000,000 data exfiltration attempts for our customers  🌍 We started working with some incredible new customers across the world – Cordaan, GoCardless, and Schroders PW to name just a few 📣 35 customers took to the stage at various Tessian events to speak about their approach to Human Layer Security and security culture
Agility is key The security challenges the pandemic created for our customers were far greater than navigating the overnight transition to remote working. Email sending was up 129%, attackers pivoted quickly to COVID-related attacks, and employee uncertainty led to unconventional (and non-compliant) sending behaviors. We all had to pivot quickly. At Tessian, our CSMs ran consultative health checks with all customers, our Product and Data Science teams updated our end-user warnings to raise employees’ awareness of COVID-related attacks, and our Marketing team launched our remote-working content hub filled with blogs, guides and reports for customers to consult and share with employees. A true embodiment of craft at speed. Security came to the forefront 2020 was another year of security grabbing the attention of boardrooms, investors and mainstream media outlets. Specifically, the trend of having empathy for employees accelerated. This has led to the rise of technologies that work in the background – making employees’ lives easier and unburdening them from the expectation that they must also be security experts. As Tim Fitzgerald (CISO @ Arm) and I reflected on, everyone has gone through so much this year (personally and professionally), that security teams need to lead with an approach that helps empower rather than restrict their employees. What’s more, it was the year that Human Layer Security became widely recognized as the obvious and necessary direction enterprise security is headed, with Tessian being recognized by both Gartner and Forrester for the work we’ve been doing with our customers.  In short, when times got tough, our goal “to stop breaches, not business” became more important than ever.  Visibility of risk takes a whole new meaning in a remote world As we’ve touched on before, security teams have gone from managing a handful of offices around the world to thousands of home offices around the world. In this decentralized working model, visibility is more important than ever before. We identified that early and worked incredibly hard to bring our customers more visibility into their human layer security risks. From our customer conversations it became apparent that security teams were more stressed and stretched than ever. Rather than throwing more data at them, we needed to focus on surfacing the most relevant trends and actionable insights so that security teams could be more effective and efficient in reducing risk. And that led to our launch of our Human Layer Security Intelligence platform.  The best CISOs are culture champions The role of a CISO continues to evolve. No longer is it enough to implement top-down technology and hope for the best. The most forward-thinking security teams are building positive security cultures by appointing security ambassadors and asking management to drive awareness in their teams. More on that with my conversation with Kevin Storli (Partner @ PwC) here and from Mark Logsdon (Head of Cyber Assurance and Oversight @ Prudential) here. Your suppliers’ risk is your risk As Kevin and I also discussed, it’s no longer enough to inwardly think about your risk. You need to engage with your supplier ecosystem to ensure you’re on the same page. We’ve all seen the headlines about a recent high-profile supply-chain attack, and it’s likely that we’ll see more of these in the future. Security is a team sport and we need to all be vested in the security of others. 
Putting the “human” in Human Layer Security Finally, being human-first is one of the core values we live by at Tessian, I’m proud of how my team carried this with them day-to-day.  Before every interaction we asked ourselves two key questions: 1) Are we being genuinely helpful? and 2) Are we being deeply empathetic to our customers’ circumstances?  It’s about recognizing that each new customer win for us has been underpinned by forward-thinking security folks who are fighting to protect their employees against yesterday’s, today’s, and tomorrow’s risks. Each Quarterly Business Review is a story of helping those people who invested in Tessian do a great job and get the recognition they deserve. Each internal meeting is about understanding how we can support each other to succeed together. As a result, our relationships are stronger, and more people are protected by Tessian.  (Shout-out to Nick Mehta, CEO @ Gainsight, for his words of wisdom at our Q2 Town Hall and to Howard Schultz, former CEO at Starbucks,  at our Human Layer Security Summit – two leaders who are truly human-first and always lead by example.) Goodbye 2020, hello 2021 👋 From being hit by a pandemic to developing a more human-first approach to our customer relationships, it’s been a different kind of year. We’ve formed some amazing partnerships and been pushed in all the right ways by our customers. It’s important to reflect on how much we accomplished and learned, and of course, to say thank you to those who helped us along the way. Now, onward to 2021.
Tessian Culture
Introducing Tessian’s New Hybrid Remote Model: Choice First
By Paige Rinke
04 December 2020
We certainly won’t be the first to have made this claim in the last nine months but…the world has changed. Yes – we’ll say it – these are unprecedented times.  That’s why companies around the world are reinventing their approach to engaging with and supporting their people. How has Tessian adapted so far this year? So, what have we done at Tessian? A lot.  We’ve reimagined how we socialize and connect with Tessians all over the world (yes, there’s been bingo!). We’ve set up fully remote onboarding for the first time ever. We’ve even ever-so-briefly re-opened our London office, with super safe protocol and measures put in place to protect those of us who wished to return. We’ve done it all. But undoubtedly the biggest challenge we’ve had to grapple with – and therefore the question we’ve had to answer – is this: What should the new world of work look like for Tessians when things start to return to “normal”?  We know for sure that our office of the future will be very different from our office of the past, but what exactly does it look like? And, more importantly, how do we support  Tessians while the future is still so unclear? It’s been a journey, but we’re excited to finally share Tessian’s plans for the future. It’s looking bright – and full of choice. What does the new world of work look like at Tessian? Some companies pride themselves on being entirely remote. And there are no doubt benefits to this simplified approach. No office politics. And, decisions don’t get made “where the action is” (in the office) because, well, there isn’t one! Others are still trying to retain an office that puts culture first. They want to create a space that fosters collaboration and offers the social benefits that are synonymous with a bustling office.  But we believe that both of these approaches – while possibly easier and with fewer risks to manage – miss out on one of the most important determinants of happiness and wellbeing in our lives: Choice. So, at Tessian, we’re excited to announce our new approach to the future of work: Choice First What is Choice First? Choice First enables Tessians and future Tessians to do their best work, in whatever way is best for them. Put simply, we will be giving our team three options to choose from, with as few caveats as possible:
Why have we landed here (and not remote first, or office first)? We have done extensive internal and external research, and there are three core reasons we believe this is the way forward.  1. Attract (and keep!) world-class talent  We know that the best companies in the world will be adopting remote options for employees while keeping hubs for those employees who prefer being able to work and socialize in the office. It’s about getting the best of both.  We want to be amongst these companies. That way, we can continue to attract and retain the best people.  Internally, having heard from our people (our Culture Council has done some great work here), some Tessians can’t wait to get back to the office.  We want to ensure that we still have this option in the future. In fact, some have even said they wouldn’t want to work for a company that didn’t have this as an option! But some Tessians have experienced an enormously positive change in their lives since skipping the commute to the office every day. We need to ensure that we offer both. Just look at the results of our most recent research report, Securing the Future of Hybrid Working. You can see employees really do want to be able to work from anywhere. !function(e,t,s,i){var n="InfogramEmbeds",o=e.getElementsByTagName("script"),d=o[0],r=/^http:/.test(e.location)?"http:":"https:";if(/^\/{2}/.test(i)&&(i=r+i),window[n]&&window[n].initialized)window[n].process&&window[n].process();else if(!e.getElementById(s)){var a=e.createElement("script");a.async=1,a.id=s,a.src=i,d.parentNode.insertBefore(a,d)}}(document,0,"infogram-async","//e.infogram.com/js/dist/embed-loader-min.js"); 2. Diversity catalyst  This will open doors to new pools of diverse talent and will make room for every potential Tessian. We believe this will support us in creating a more diverse “place” to work by:  Opening up talent pools in different locations around the country (and world!) Allowing those who need to work from home for health reasons, or due to caring or other responsibilities, will be able to join the Tessian experience Enabling those who do want to enjoy the social elements of an office to do so Learn more about why diversity is important at Tessian…from Tessians. Watch the video now. 3. Take care of Tessians and support wellbeing Choice First allows people to be in control of their own working lives.  Which is a good thing. Why? Because what works for one person may not work for another.  Studies have shown that when employees are given the freedom to make the right choices for their career and their life outside of work, their holistic wellbeing will be greater.  Surprisingly, given how difficult this period of working from home has been, our own engagement data is backing up how not being in the office can increase wellbeing. We’ve had a significant (over 10%!) uplift in our company engagement scores against the “health” driver (which measures things like mental and physical wellbeing) since leaving the office back in March.  So, for people to do their best work, and have good holistic wellbeing, we need to enable choice around work locations and preferences. What about the risks?  We all know that introducing a hybrid culture is not without its challenges. So we’re dedicating significant time and resources over the coming months to counteract these. Just some of the key things we’re thinking about are below.  Culture Inclusivity – How do we make sure people aren’t left out because they do or don’t work in the office? Communication – How do we make sure people feel connected to what’s happening at Tessian? Fun – How do we keep things interesting in a hybrid environment? Fairness – How do we make sure no one is positively or negatively impacted due to their choice? Ways of working Communication – When do we use synchronous vs asynchronous communication? How we work – Are hybrid working patterns different from office-based patterns? Security – How can we continue leveraging technology, policies, and training to keep our people safe, wherever and however they work?  Amplifying performance – How can we provide in-the-moment feedback and help Tessians do their best work, even when we’re not all together? Effectiveness – Does hybrid make it harder to get stuff done? Do we have the right tools in place to support everyone? What’s next? There is still a lot of work to be done. We will be mobilizing our internal teams to make sure our current employees and future Tessians have clarity about their options. Of course, decisions don’t need to be made just yet. Watch this space for more insights about our journey – we can’t wait to share it with you.
Tessian Culture
A Solution to HTTP 502 Errors with AWS ALB
By Samson Danziger
03 November 2020
At Tessian, we have many applications that interact with each other using REST APIs. We noticed in the logs that at random times, uncorrelated with traffic, and seemingly unrelated to any code we had actually written, we were getting a lot of HTTP 502 “Bad Gateway” errors. Now that the issue is fixed, I wanted to explain what this error means, how you get it and how to solve it. My hope is that if you’re having to solve this same issue, this article will explain why and what to do.  First, let’s talk about load balancing
In a development system, you usually run one instance of a server and you communicate directly with it. You send HTTP requests to it, it returns responses, everything is golden.  For a production system running at any non-trivial scale, this doesn’t work. Why? Because the amount of traffic going to the server is much greater, and you need it to not fall over even if there are tens of thousands of users.  Typically, servers have a maximum number of connections they can support. If it goes over this number, new people can’t connect, and you have to wait until a new connection is freed up. In the old days, the solution might have been to have a bigger machine, with more resources, and more available connections. Now we use a load balancer to manage connections from the client to multiple instances of the server. The load balancer sits in the middle and routes client requests to any available server that can handle them in a pool.  If one server goes down, traffic is automatically routed to one of the others in the pool. If a new server is added, traffic is automatically routed to that, too. This all happens to reduce load on the others.
What are 502 errors? On the web, there are a variety of HTTP status codes that are sent in response to requests to let the user know what happened. Some might be pretty familiar: 200 OK – Everything is fine. 301 Moved Permanently – I don’t have what you’re looking for, try here instead.  403 Forbidden – I understand what you’re looking for, but you’re not allowed here. 404 Not Found – I can’t find whatever you’re looking for. 503 Service Unavailable – I can’t handle the request right now, probably too busy. 4xx and 5xx both deal with errors.  4xx are for client errors, where the user has done something wrong. 5xx, on the other hand, are server errors, where something is wrong on the server and it’s not your fault.  All of these are specified by a standard called RFC7231. For 502 it says: The 502 (Bad Gateway) status code indicates that the server, while acting as a gateway or proxy, received an invalid response from an inbound server it accessed while attempting to fulfill the request. The load balancer sits in the middle, between the client and the actual service you want to talk to. Usually it acts as a dutiful messenger passing requests and responses back and forth. But, if the service returns an invalid or malformed response, instead of returning that nonsensical information to the client, it sends back a 502 error instead.  This lets the client know that the response the load balancer received was invalid.
The actual issue Adam Crowder has done a full analysis of this problem by tracking it all the way down to TCP packet capture to assess what’s going wrong. That’s a bit out of scope for this post, but here’s a brief summary of what’s happening: At Tessian, we have lots of interconnected services. Some of them have Application Load Balancers (ALBs) managing the connections to them.  In order to make an HTTP request, we must open a TCP socket from the client to the server. Opening a socket involves performing a three-way handshake with the server before either side can send any data.  Once we’ve finished sending data, the socket is closed with a 4 step process. These 3 and 4 step processes can be a large overhead when not much actual data is sent. Instead of opening and then closing one socket per HTTP request, we can keep a socket open for longer and reuse it for multiple HTTP requests. This is called HTTP Keep-Alive. Either the client or the server can then initiate a close of the socket with a FIN segment (either for fun or due to timeout).
The 502 Bad Gateway error is caused when the ALB sends a request to a service at the same time that the service closes the connection by sending the FIN segment to the ALB socket. The ALB socket receives FIN, acknowledges, and starts a new handshake procedure. Meanwhile, the socket on the service side has just received a data request referencing the previous (now closed) connection. Because it can’t handle it, it sends an RST segment back to the ALB, and then the ALB returns a 502 to the user. The diagram and table below show what happens between sockets of the ALB and the Server.
The fix … is fairly simple.  Just make sure that the service doesn’t send the FIN segment before the ALB sends a FIN segment to the service. In other words, make sure the service doesn’t close the HTTP Keep-Alive connection before the ALB.  The default timeout for the AWS Application Load Balancer is 60 seconds, so we changed the service timeouts to 65 seconds. Barring two hiccoughs shortly after deploying, this has totally fixed it. The actual configuration change I have included the configuration for common Python and Node server frameworks below. If you are using any of those, you can just copy and paste. If not, these should at least point you in the right direction.  uWSGI (Python) As a config file: # app.ini [uwsgi] ... harakiri = 65 add-header = Connection: Keep-Alive http-keepalive = 1 ... Or as command line arguments: --add-header "Connection: Keep-Alive" --http-keepalive --harakiri 65 Gunicorn (Python) As command line arguments: --keep-alive 65 Express (Node) In Express, specify the time in milliseconds on the server object. const express = require('express'); const app = express(); const server = app.listen(80); server.keepAliveTimeout = 65000
Looking for more tips from engineers and other cybersecurity news? Keep up with our blog and follow us on LinkedIn.
Tessian Culture
Why Shutting Down Tessian Was The Best Decision We Ever Made
01 November 2020
When we set out to define our values, we asked our people what being a Tessian meant to them. The value that was born out of this – now our first and foremost value – is Human First. Human First is the value we’d always had but never captured in words. As soon as it crystallized, it was everywhere. Within weeks you would hear it in every other meeting, it would be the first question in every decision that touched our people, and it merged completely into how we think about our mission; even more than being a cutting-edge technology company, we’re a cutting-edge human company, building for human beings as they are, not how security standards want them to be. So what does it mean to be a Human First company in the age of coronavirus? Like many companies a lifetime ago – March 2020 – we went remote overnight. A formerly office-first company, we’d naively expected lower productivity & that everyone would be more relaxed not having to travel to and from the office every day. We were so wrong. A couple of weeks in, once the novelty of an extra hour in bed had worn off and we had realized that being remote wasn’t stopping work getting done, we started to pick up on themes – people working later and later, more and more questions in our employee engagement platform about mental health, self care, and dealing with stress.  We talked a lot more about our Employee Assistance Programme & we told people they should still try & take their paid leave. But compounded by being confined at home, those who managed to take leave found that they couldn’t help but gravitate back to their phone & laptop, with email & messaging pinging throughout the day (and night, since we’re an international team). Our Tessians couldn’t switch off with no-where to go and the spectre of their inboxes piling up and up. We knew we needed to stop saying things, and needed to do something big, fast. So we shut down the company. (For a day.) Why? Let’s roll back a moment. We asked people why they were struggling to switch off, and we listened to their fears of letting their teammates down with so much work going on, and the creep in hours to find overlap time with their international colleagues.  We realized that unless all our Tessians – from the CEO, to our newest graduates – were all offline, it was hard for anyone to be offline. Enter Refreshian Day.  Refreshian Day is not a vacation or holiday day. It’s a paid day we give to our Tessians, to do what they need to do to take care of themselves, when all Tessians are offline, together. When we know our people have been, or will be, working even harder than usual to bring our vision to life, it’s important to give something back. Our first Refreshian was in July; our second, October. And today we’ve announced our third in February 2021.  We ask only two things of our people on Refreshian day: Don’t work Take time to take care of you Being human means one size never fits all, and our Tessians have variously taken long walks, spa days, watched sunsets, crafted pottery and baked a lot (I mean a lot) of bread. Being a human first company means giving our people the space and time to revel in what makes them unique – even if it means shutting everything down from time to time. How would you spend your Refreshian day? Join us and find out.  “Finding peace in Cornwall” “Exploring Kew Gardens” “Dog walks in Greeenwich” “Escaped to Lisbon” “Sailing in Wales”
Human Layer Security Spear Phishing Tessian Culture
8 Book Recommendations for Security Professionals
By Maddie Rosenthal
22 October 2020
Most security professionals rely on recommendations from their peers when it comes to vendors, solutions, and strategies. So, why not books? We asked our own cybersecurity experts what they were reading and rounded-up eight books to add to your reading list. The Cuckoo’s Egg In 1986, Clifford Stoll – a systems administrator at the Lawrence Berkeley National Laboratory – wrote this book. Based on his field notes, this is arguably one of the first documented cases of a computer hack and the subsequent investigation, which eventually led to the arrest of Markus Hess.  It’s now considered an essential read for anyone interested in cybersecurity. CISO Compass: Navigating Cybersecurity Leadership Challenges with Insights from Pioneers  While this book covers all the fundamentals of IT security governance and risk management, it also digs deeper into people. After all, being a CISO isn’t just about technology. The insights in the book come directly from CISOs. In total, 75 security leaders contributed to the book, which means there’s plenty of actionable advice you can apply to your strategies.  Looking for more insights from security leaders? Check out Tessian’s CISO Spotlight series.  Art of Deception Written by someone pretty well-known in the security field – Kevin Mitnick – Art of Deception offers readers an insider’s view on what it takes to hack a system (and therefore what you can do to protect yourself).  Sandworm: A New Era of Cyberwar and the Hunt for the Kremlin’s Most Dangerous Hackers  Politics play a big role in cybercrime.  This book is focused on Sandworm, the group of Russian hackers who, over the last decade, has targeted American utility companies, NATO, and electric grids in Eastern Europe and paralyzed some of the world’s largest businesses with malware. But the author, Wired senior writer Andy Greenberg, also provides plenty of background on both the technology and the relationships between various countries. Social Engineering: The Art of Human Hacking If you want a breakdown of every aspect of social engineering – from elicitation, protecting, influence, and manipulation – this one’s for you. Written by Christopher Hadnagy – the lead developer of the world’s first social engineering framework – this book is a sort of intro to hacking humans that could help you level-up your phishing awareness program and defenses.   We take a deep dive into the psychology of human error in this report, with insights from Stanford Psychology and Communications professor Jeff Hancock.  The Fifth Domain: Defending Our Country, Our Companies, and Ourselves in the Age of Cyber Threats In the same vein as Sandworm, this book explores cyberwar, nation-state hackers, and the future. While it doesn’t offer highly technical insights, there is plenty of practical advice on how organizations and individual people can avoid being hacked.  Cult of the Dead Cow Cult of the Dead Cow explores some of the world’s most infamous hacking groups – particularly the cDc – and explains how technology, data, and – well – the world has changed because of them.  CISM Certified Information Security Manager All-in-One Exam Guide Yes, this is an exam guide…and yes you should add it to your reading list. If nothing else, to have on-hand as a reference. Why? It covers everything. Security governance, risk management, security program development, and security incident management. Curious as to whether or not other security professionals have their CISM certification? We interviewed 12 women about their journeys in cybersecurity. Read their profiles here and the full report, Opportunity in Cybersecurity Report 2020.
Human Layer Security Tessian Culture
Why Customer Centricity is So Important At Tessian
By Samantha Holt
27 August 2020
We believe this whole-heartedly at Tessian. That’s why we’ve made Customer Centricity one of our six company values, and why we’re making it – along with being Human-First – our focus going into Q4.  So, what does “Customer Centricity” actually mean?  It means that our customer’s success doesn’t sit with one functional team. Instead, it’s the entire company’s responsibility. It’s embedded into every role, across every team. It’s a part of Tessian’s company culture. Whether we’re launching a feature, or pursuing a partnership, we always ask “How does this help our current and future customers?”  Keep reading to find out why customer-centricity is more important now than ever, what we’re doing internally to ensure we’re being guided by this value every day, and what we learned from Nick Mehta, a guru of Customer Success and the CEO of Gainsight, during his live discussion with Tessian CEO and Co-Founder, Tim Sadler.  Why are we focusing on customer-centricity now? It’s been a tumultuous few months for businesses around the world which means that two of our values are especially relevant: Customer Centricity and Human First. They go hand-in-hand. Nick explained why.
Instead of just looking at the effects of COVID-19 and the economic downturn from our perspective, we’ve stayed laser-focused on what our customers are going through. The ultimate question that we’ve asked ourselves – and will continue asking ourselves – is “How can we best support our customers through this period?” How can we help? How can we show real value?  As we’ve said, we believe this is the responsibility of all Tessians. Nick does, too. “It’s not just about the customer success function or customer-facing roles. It’s all roles. Customer Success if about end-to-end customer experience, but everyone in the company touches that. In Finance, part of the customer experience is the invoice you send them and the collection emails you send. Those things matter a lot.  If you’re in Legal, the terms in your contract affect the customer experience. Are they friendly? Are they easy to understand? Even if you’re not talking to a customer every day, you can still look at customer data to help you do your job better,” he said. What are we doing internally to make sure we’re being guided by these values?  Here are steps we’re taking this quarter to show our commitment to our customers: We’re creating a more human experience for our customers. We’ve been thinking deeply about our customer journey during this period, in particular the AE-CSM holdover. We want our customer’s experience to be as seamless – and as human – as possible. This influences how we communicate, when we communicate, and the ways in which we demonstrate value. It all comes back to being human-first and, as Nick said, “treating customers not just as a transaction or a deal, but as a group of human beings”. We’re empowering all Tessians to understand their role in customer success. During our Town Hall, we asked everyone at Tessian to take this quarter to reflect on this question: How does your role impact our customers? We’re encouraging even those employees who aren’t in customer-facing roles to explore the challenges our customers are facing and what we can do to best support them. We’re also kicking off a Customer Success Book Club. Our first pick? Nick’s latest book “The Customer Success Economy”. This way, all Tessians can understand how to apply customer-centric principals to their specific role.  We’re immersed in customer feedback. We are taking the time to find even more ways to communicate with our customers during COVID, even without face-to-face meetings. We want to make sure we understand – at all times – how their priorities are shifting. That way, we can anticipate their needs and continue delivering an amazing customer experience. We’re setting company-level OKRs focusing on Customer Centricity. While creating all of these initiatives and putting them into action are steps one and two, we have to somehow hold ourselves accountable. That’s why we’ve set company-level OKRs. Now, individuals, teams, and entire departments across Tessian have goals set around Customer Centricity. These will be reviewed throughout the quarter to make sure we’re always demonstrating this value and putting our customers first. The bottom line is: We’re guided by our customers and we want to support them today and in the future, wherever and however they’re working.  What can other organizations do to make sure they’re focusing on their customers? COVID has impacted all of us and while customers are certainly looking for value, they’re also looking for a human touch. Empathy goes a long way. Here are some questions to reflect on: How can we break down silos in our company to ensure customers are at the forefront of every decision? In what areas of the business could we show more empathy to our customers, and err away from treating them as a transaction or deal? How can we reach out more frequently and regularly to our customers in a human-first way to ensure we are showing value?
Tessian Culture
Our First Growth Framework – How Did We Get Here?
By Jade Jarvis
21 July 2020
Tessian has just finished building our first-ever Growth Framework for our Engineering team. At the same time, we’ve also introduced Internal Levels to represent different stages of progression and identify key milestones as our Engineers develop and grow.  We see this framework as a guiding North Star for Tessians to trail blaze their own career. Tessian’s values ensure we achieve against the expectations outlined in the framework in the right way, and they are embedded throughout.  Why did we do it?   We’ve had feedback in the past about not having clear progression paths for our current team and – at the same time – it’s critical we understand what “good” looks like at each level for new team members. So, what problems is this new framework going to solve for us?  Our Engineers know what their career at Tessian could look like.  Introducing levels means we can celebrate promotion more formally.  It will support future hiring so we can find the best people to join us.  What does it look like?  There are levels which show the milestones of development at Tessian. As our engineers develop and grow, they progress through these levels.  How do they know what it takes to get to the next level? Well, that’s where our Growth Framework comes in! The framework defines competency clusters which are then broken down into further competencies that outline the  key behaviors expected at each level.  Let us introduce you to our Competency Clusters (and Competencies)
How did we do it?  Our Engineering and People team partnered on this and garnered insights not only from Tessians, but also by exploring best practice in our industry.  We have a culture of collaboration so it was important for us to hear directly from our Engineering team to learn more about their perspectives. We spoke to as many engineers as possible to find out what makes a great engineer and a great framework.  We also reviewed successful frameworks in other tech companies to get a strong sense of what has and hasn’t worked for others.  Here’s a step-by-step of our actions:  Information-gathering  We researched open sources and, by comparing and coding, we found that there are similar core competencies that appear in the majority of frameworks. We whittled it down to seven possible competencies; Craft, Impact, Execution, Leadership, Advocacy, Continuously Improves, and Communication.  Explore workshops  We ran a series of workshops with our Eng leaders to really dig into what’s important for them. In the first workshop, we shared the seven possible competencies and, in breakout groups, we discussed the competencies. We asked ourselves two key questions:  For Tessian: How important is this in helping us achieve our business goals?  For our Tessians: How meaningful is this for individuals in their careers?  We then brought everyone back for a group discussion and shared our thoughts from the breakout groups. As expected, we found there was a lot of cross-over amongst the competencies and what they mean to us.  From this first session, we had two main takeaways:  We needed to ensure that we created clear competency cluster definitions that describe exactly what that competency means to Tessian.  We could chop and merge some of the 7 possible competencies clusters to identify our core competencies.  In our second workshop, we shared our findings and introduced the rescoped and refined competencies. This was where the idea of Competency Clusters with Competencies within them were born.  Our four clusters became: Craft, Impact, Delivery, and Communication.  From this session, we gained better understanding about our competencies, but had feedback that perhaps the names of the clusters didn’t feel quite right.  We wanted our clusters to be action statements, so:  Craft became “Master your Craft” – broken down into Technical Skills, Continuous Improvement and Security.  Impact became “Make an Impact”– broken down into Teamwork, Influence, Accountability and Customer-Centricity.  Delivery became “Get Stuff Done” – broken down into Delivery and Autonomy.  Communication became “Communicate” – broken down into Information and Feedback.  Building the behaviors  At this point, we were in a good place with our competency clusters, competencies, and definitions. It was time to build the specific behavioral indicators that sit under each competency and each level.  We knew from our previous workshops that – while we were getting some really useful comments – it was sometimes quite difficult to capture them all verbally. So, we tried out a live commenting activity. It worked brilliantly and captured the diversity of thought amongst all of our engineering leaders.  We shared the draft framework with our managers before the session. Then, during the session, we asked managers to spend the first 20 minutes making live comments on our Google sheet. Afterwards, and as a group, we went through each of the comments, discussed further, and made notes for action.  Iterations  But, we didn’t stop there. We had a few more manager workshops where we had cycles of gaining feedback > making amends > sharing back.  When we got to what we’d call a ‘final draft’, we asked the wider Engineering team for volunteers to join a focus group to get their feedback. This was an energizing session and was the first time the wider team was able to see the framework and overall, the response was really positive. People really cared about understanding how this tool could be used to support their growth at Tessian. One nugget of feedback that came from this group was that our Competency Framework sounded very formal and not very inspiring, and so, this became our Growth Framework. This really felt like it was more representative of what we want to use it for.  Defining our levels  While we were finalzing our Growth Framework, we were also identifying what levels and job titles would make sense for Tessian. Again, we looked at what our peers were doing (using progression.fyi), so that whatever we landed on spoke the same language as the rest of tech. This also ensures that it’s on par with appropriate expectations in the market so it’s easily comparable with other companies. Testing, testing!  This is arguably the most important part. We had to see if the framework actually worked in practice. We had meetings with individual managers to work through what level each of their team members were currently delivering to. And, to ensure a fair and transparent process, we had a group calibration session to discuss the larger team. In an effort to ensure the same approach was being applied to every assessment, we asked managers to use a traffic light system to review their direct reports against each competency. The traffic light colors indicate: “They are consistently demonstrating this behavior” (green) “They demonstrate this behavior from time to time, but not all the time” (yellow) “They are currently not demonstrating this behavior” (red) Go Live The final tweaks were done, wordsmithing complete, and design decisions made. Finally, our framework was published on our internal Wiki for everyone to view.  All managers had discussions with their direct reports to understand where they think they currently sit against the framework, and we will finalize trial levels over the coming weeks. The word “trial” here is important. We’ll explain more below. What comes next?  Collaboration and shared accountability are critical to our engineering culture at Tessian. So, for the next few months, our team will have what we’re calling “trial levels”. This means that we won’t confirm final levels until we’ve used the framework in practice for a couple of months, and our team has really had the opportunity to see how this works for them before providing feedback. It’s a process! We’re beyond excited to see how this framework will continue to support Tessian to create a world class engineering organization that not only builds amazing products, but that enables engineers to thrive and grow in their careers. Watch this space as we share more news about how this has worked for us in practice and key insights gained!   And, if you’re interested in joining our team, see our open roles here.
Tessian Culture
Launching Plus, A Tessian LGBTQ+ Network
By Leon Brown
30 June 2020
Across continents, the Tessian community is formed of diverse and intersectional people collectively working to secure the Human Layer. But, this month we’re proud to honor the contributions of LGBTQ+ Tessians and the importance of freedom of sexual orientation and gender expression in the workplace. With Human First as a core value at Tessian, we approach everything with empathy and we look out for each other alongside our own wellbeing. Respect, kindness, and inclusion are at the core of our company because our humanity is what makes us who we are. That’s why we’re launching Tessian Plus. And, we’re thrilled that within one month of launching the initiative, the group already holds more than 10% of the company — a significant minority and higher than the expected average. The Plus mission Plus is formed around a core mission to:  Ensure an inclusive and respectful environment for all employees Raise awareness of, and represent the views and issues of, LGBTQ+ employees Provide a support network for LGBTQ+ employees Create opportunities to socialize with other LGBTQ+ employees Offer confidential support when needed Provide guidance to Tessian as an employer on policy and how to enhance its diversity strategy What is Plus? Plus is an employee-led LGBTQ+ resource group for anybody identifying as LGBTQ+. The group operates as a “safe space” for all Tessian LGBTQ+ employees to network, socialize, and share experiences behind closed doors. With Plus, we’re proud to create a private community for employees to express their sexual orientation and gender identity. And, by building from the ground-up, we will form a vocal committee of LGBTQ+ employees who can advise Tessian’s leadership on policies+, diversity initiatives, and how to operate as a point of contact for employees experiencing homophobic, biphobic, or transphobic bullying and harassment. It’s important that these channels are private. Why? Because even though we enjoy a culture of general acceptance of LGBTQ+ professionals in the workforce both in the UK and US, keeping the community private and confidential ensures it’s a safe space – especially for those individuals who aren’t as comfortable wearing their identity on their sleeve. That’s why it’s essential that we always work to preserve peoples’ right to decide when it is right for them to publicly disclose their identity.
Why are we launching Plus now? Last year marked the 50th anniversary of the New York Stonewall Riots — a pivotal event in the modern fight for LGBTQ+ rights in the US and worldwide — during which black and latinx trans women led days of riots against police in response to an unlawful police raid on The Stonewall Inn, a bar primarily serving the marginalized LGBTQ+ community in New York’s Greenwich Village. Globally – from the UK Gay Liberation Front, to the Lavender Menace, and to Black Power groups – Stonewall was a symbol of struggle against systemic oppression. In the months that followed, and frustrated with discrimination in the justice system and public harassment from police, LGBTQ+ figures and people of color led the frontline in protests that created an intersectional movement across activist groups that exists today in the form of The Stonewall Foundation. From the following June, in commemoration of Stonewall and for the continued fight for LGBTQ+ rights, a Christopher Street Day Parade was held to celebrate the LGBTQ+ figures and people of color who dedicated their lives to furthering the rights of humans worldwide. This has continued every year since and is why we celebrate Pride Month in June. Though we have made huge strides towards equality for LGBTQ+ communities in the last fifty years, particularly in the UK, with same-sex marriage equality and employment equality — for true equality to be eternally ours, we must use our privilege and right to protest to continue the tradition of Pride Month. This year, of course, is different than years before. Our remote “new normal” has presented a challenge to the typical vehicles for LGBTQ+ visibility. Pride floats are digital, and events are canceled, leaving people isolated from their usual support networks. We must therefore work harder than ever to bring the LGBTQ+ community together, around a core mission of inclusivity and family. So, this June – and as a proud Tessian LGBTQ+ community – we are coming together to celebrate the contributions of LGBTQ+ Tessians and support freedom of sexual orientation and gender expression worldwide and form the Plus employee resource group. We’re providing LGBTQ+ Tessians with a safe space to socialize, celebrating LGBTQ+ history, and sharing experiences within the LGBTQ+ community.
Tessian Culture
Our Journey To Revamp The Tessian Values
By Tim Sadler
11 May 2020
As a founder, I knew from Day 1 how important our values were going to be in order to build the company we dreamed of creating. So when I began to hear murmurs late last year that not everyone at Tessian was understanding what our values meant for them, I knew it was time to investigate how our people were feeling and what we might need to do to revamp our values. To me this listening exercise was vital because our values guide everything. They aren’t aspirational words hanging on a wall that no one understands; they’re the backbone of a company. With this in mind, we went on a month-long journey of listening to our employees, and created values which are a true reflection of Tessian today. They’re actionable, intuitive and central to everything we do, from our recruitment process through to performance and development.  You can check them out in more detail below. But before I get to our revamped values, I want to tell you more about the journey we went on to make sure they truly reflected what Tessians care about. Why do company values matter in the first place? Values aren’t just a corporate thing; values are crucial for both our personal and professional lives. They’re a code we live by, they define what’s important to us, and they help us make decisions day to day. Sometimes our values are so deeply ingrained, we don’t realize we’re using them every day to make choices.  At Tessian, we’ve seen our values as a North star from the beginning. They steer our decision making, serving as a code to help us make choices, especially when it’s not obvious what we should do. They help us hire the right people, individuals who care about the things we care about and can take Tessian in the right direction.  Our values also inform our performance reviews, development conversations, and how we reward, recognize and promote our people. Our values underpin our culture.  Why did we decide to revamp our values at Tessian? We use Peakon, a tool that helps companies build and maintain engaged teams and great company cultures. It does this through employee surveys, which provide insights into how our employees feel about different things. Late last year, our Peakon data revealed a theme: our values weren’t understood by all our people.  We saw that:  People were being rewarded for different behaviors underlying our values (and these were in conflict with each other); and  Behaviors that were really important to us weren’t reflected in our values. In other words, we had a gap in our values. I wanted to do something to fix this. We ask Tessians to show up every day, living and breathing these values. If there’s confusion over what they look like in practice, we’ll all be rowing in different directions. Equally, as people join the team, if there are things that are important to us that aren’t explicitly reflected in our values, we run the risk of losing or diluting those things over time.
How did we revamp our values? We knew we needed to re-work our values. The question was: how?  The most important thing was to get input from as many people as possible from all across the business: different genders, backgrounds, functions, tenures, and levels of seniority. That was the only way we’d get the values that accurately reflect Tessian.  We started by sending out a questionnaire to the whole company to understand from a high level what was most important to us. It included questions like:  What do you think of our current values (what values do and don’t resonate)? If you could add a value, what would it be? What do you value in yourself and your colleagues?  We received a high response rate, but we wanted to dig deeper. Next, we set up 1-1s with about half of the respondents to delve deeper into their answers. We then aggregated all of this information into a pre-read to run a workshop with our Values Focus Group (this consisted of 15 people who had signed up to be our “Values advocates”). We followed this up with additional 1-1s with each of our Values Focus Group members. All of this work meant that the whole of Tessian went on this journey together; our values were crafted from the top-down and bottom-up, so had a great chance of being “sticky”.  Having gathered so much input from across the business, we then started to reformulate our values with a clear view of what was truly important to our people. Here’s an illustration of the words that came up the most during our journey that guided us in our reformulation.  
Our new values A lot of interesting things came out of the listening tour. First and foremost was the fact that there was a “gap” in our values—this became a new value called “Human First”.  This value was the most prominent finding in all of our work; time and again people said how important treating each other with kindness, respect and inclusion is at Tessian. It was so clearly part of the fabric of Tessian. It also seemed like a huge miss to not have this as we are a Human Layer Security company which believes people are the most important part of every organization. With all this in mind, we knew we had to codify it as its own value. Here are some tips we found worked for us when writing our new values: Focus on the actual words your employees are using during the discovery process, and not words that are “hot” right now in your industry or the public generally. Staying true to your employees’ language when writing your new values will help them better resonate in the end. Observe how the value is being embodied around you because so much understanding comes from the values in action; and Don’t be limited by what you think your values are, or what you think they should be. Go in with an open mind and candidly narrate the values you uncover. Without further ado, here’s the entire set of revamped values. They make me proud to be a Tessian, because I know that they reflect the real values and aspirations of all of our people. 
Human first. We approach everything with empathy and we look out for each other alongside our own wellbeing. Respect, kindness and inclusion are at the core of our company because our people are what make us Tessian. 
Customer centricity. We fixate on our customers’ success. They’re the lifeblood of our business and guide our daily decision-making. Whether we’re launching a feature, or pursuing a partnership, we always ask “How does this help our current and future customers?” 
Positive mindset. Solution oriented. We lead with a curious, positive mindset, and go above and beyond to find solutions when problems arise. When our solutions fail, they fail fast — we embrace the failure and keep learning, iterating, and improving.
Grit and perseverance. We have sustained passion for achieving long-term goals. We see setbacks as opportunities to adapt and grow. We’re committed to building resilience and have the motivation to tackle big challenges that others might give up on.
We do the right thing. We’re always honest and guided by integrity in every decision we make; with one another, with our customers, with everyone. We do what we believe is right, even when it means making difficult decisions.
Craft at speed. We work with great care and skill, sometimes at an uncomfortably fast pace. Rather than aim for perfection in one at the expense of the other, we balance attention to detail with speed of delivery.
Page