Proper Tools
Hard Problems Made Legible
Independent advisory practice on systemic infrastructure risk and long-horizon failure modes.
Terms of engagement

Ethics

That work carries responsibility.

Proper Tools advises on systemic infrastructure risks — failures that unfold slowly, invisibly, and across institutional boundaries. These principles guide how we take the work on.

We do not offer certainty. We offer clearer tradeoffs.

What We Believe

Infrastructure resilience is not a product. It is a public good. We treat it accordingly.

We make the implicit explicit — in code, in standards, in language. Assumptions must be named before they can be examined.

We do the math. We explain the math. We correct the math. Reality does not bend to ego.

Mistakes are information. Honest errors strengthen systems. Concealment weakens them.

Help must never be coercive. Organizations that do not wish to be helped cannot be helped. We advise; we do not compel.

All technology is dual-use. We advise with that awareness, and we resist outcomes that weaponize the tools we help build.

How We Decide

Never in malice. Never in fear. Never in ignorance. Never in haste.

In crisis: Aviate. Navigate. Communicate.

These are not aspirational. They are operational. When a decision feels urgent, we slow down. When an answer feels obvious, we check the assumptions. When pressure builds to move faster than understanding allows, we say so.

What We Owe You

You should leave stronger than you arrived.

We measure our work by the capability that remains after we step back. Our goal is not to become indispensable — it is to make you resilient without us.

  • Clear analysis — even when uncomfortable.
  • Plain language — even when the system is complex.
  • Accountability for our recommendations and their consequences.

Durable systems matter more than visible advisors.

What We Ask

If you see us drifting from these principles, name it. We would rather be corrected than comfortable.

If something feels off and you’re not sure where to raise it, reach out.

The oath beneath

What the firm promises rests on what the practitioner has already sworn.

The principles above are Proper Tools’ institutional commitments — the terms on which the firm takes on work. They rest on something older and more personal: the obligations a practitioner owes to the craft itself, independent of any client, any employer, or any contract.

Primum non nocere.

The Hippocratic Oath of the Cybersecurity Practitioner sets out those obligations plainly. It is offered to the community under CC BY — a tool, not a credential, for anyone still doing the work.

Read the oath →