How a Late-Night Whiteboard Session Accidentally Built a Cybersecurity Company

It wasn't a grand plan. There was no VC-funded pitch deck. No fancy office, no catering. Just a whiteboard, some markers that were running out of ink, and a problem that kept nagging at us — until we finally decided to actually solve it.

It Started With a Client Server (They Always Do)

A client needed their server secured. Straightforward enough, right? We ran through the usual playbook — hardening, monitoring, the works. But then someone had what seemed like a perfectly obvious idea: why not just block IPs that are already known troublemakers? Attackers, bots, scanners, the general riff-raff of the internet — they have a reputation. Why let them knock on the door at all?

So we did. We pulled in public blocklists, configured the firewall, and felt pretty pleased with ourselves. Then someone asked the follow-up question that changes everything: "What about the IPs we personally know are bad — the ones that have been caught trying to break into our stuff, but nobody else knows about yet?"

Private intelligence. Our own. Good question. Better idea.

Then We Got Greedy (In a Good Way)

We had multiple servers. Each one was seeing attacks, logging them, quietly suffering. And each one was doing it alone, like a security guard who never talks to the other security guards in the building. It made no sense. If one server got hit, why should the others be left in the dark?

"What if all these servers shared what they knew? What if they acted together — as one?"

That was the seed. Coordinating threat data across machines, pooling knowledge, making the whole network smarter than any single node. Obvious in hindsight. Most good ideas are.

FTA: The Name We Don't Talk About

Every project needs a name. We came up with FTA — Firewall Trust Alliance. Solid concept. Terrible name. It sounded like a regulatory body you'd get an angry letter from, or maybe a trade union for routers. Nobody was excited about it. Even the acronym felt like it was wearing a tie.

Fun fact

We still have the original FTA notes somewhere. They serve mostly as a reminder of how bad naming things can be when you're tired and running on coffee.

But the concept was solid — an alliance of firewalls, sharing intelligence, acting as a unified defensive layer. And in one of those casual late-evening meetings (the kind where the good ideas actually happen, usually around the time everyone just wants to go home), someone put it simply:

"It's like they're all one firewall."

That was it. OneFirewall Alliance. The name that stuck, the concept that grew into a company, and the idea that got incorporated in England with a group of people who suddenly realised they were building something real.

Are We a CTI Company? (We Argued About This for Years)

Once the dust settled, we found ourselves staring at an awkward question: is this just a Cyber Threat Intelligence company? Because if it is, there are already a lot of those. Some with much bigger marketing budgets.

We wrestled with it. Honestly, we kept wrestling with it for years. The answer, when it finally crystallised, was simple but important: we don't care about threat intelligence for its own sake. Intelligence that sits in a report nobody reads isn't protecting anything. What matters is whether that intelligence actually does something — whether it's actionable.

That word — actionable — became the foundation of everything we built. Not "here's a list of bad IPs, good luck." But "here's a list of bad IPs, and your firewall just blocked them automatically, in real time, while you were having lunch."

From Proof of Concept to Actual Company

The technical foundations were solid from day one. Real-world experience, first-hand market understanding, and a working proof of concept that did exactly what we said it would. No smoke and mirrors. Just software that worked.

From there, the company grew the way most good things grow — steadily, stubbornly, and with a lot of caffeine. We stayed close to our mission: protect any technology system, anywhere, with a unified layer of OneFirewall intelligence.

Where We Are Now

Time moves fast. From a whiteboard in 2018 to where we stand today — it's been a journey we wouldn't trade. The alliance now spans more than 180 independent sources, all contributing to and benefiting from the collective intelligence of the ecosystem.

Among our members and partners:

Telecom Italia
Ministry of Defence — Italy
Leonardo
Almaviva
Cyber Threat Alliance
& many others

Governments. Telecoms. Financial institutions. Security partners who take this stuff as seriously as we do. Not bad for a company that started because someone asked "what if we just... shared the data?"

And the Definition of "Firewall" Kept Expanding

Here's the thing about building something based on a concept rather than a product category — the concept keeps growing. A firewall used to mean a box at the edge of your network. Now it means something much bigger.

Today, OneFirewall can be embedded into almost anything: WAFs, routers, XDR platforms, VPNs, AI models, instant messaging infrastructure — you name it. If a technology system can be attacked (spoiler: they all can), it can carry OneFirewall inside it.

We've rewritten code, updated integrations, rebuilt things from scratch when they needed it. But the mission hasn't changed a bit since that evening around the whiteboard:

"A unified approach against cyber crime."

We're still at it. And honestly, given the state of the internet, we don't expect to run out of work anytime soon.

🛡

Sotiraki Sima

Chief Information Security Officer & Co-Founder, OneFirewall Alliance