Packetman saysWelcome to the about page. I'm Packetman — and I should be transparent that I'm the animated alter ego of the founder, Bill Alderson. The page below tells you who built DataStun, why, and what convictions show up in every product decision. The short version: Bill spent four decades inside network problems where the gap between what the monitoring said and what was actually happening was the whole story. Pentagon comms recovery after September 11. Six CENTCOM deployments diagnosing the biometrics systems behind the Iraq surge. Network General in its founding days when Sniffer was inventing the category of packet analysis. Pine Mountain Group certifying 3,500 NetAnalysts in 27 countries. Network General's Apalytics and HOPZERO. Every one of those careers was a different angle on the same observation: traditional monitoring tells you traffic moved, it doesn't tell you what the traffic actually experienced. DataStun is what closing that gap looks like as a shipped product.DataStun exists because the practitioner who built it spent forty years watching traditional monitoring miss the question that matters in a breach: where did the data actually go? The product is the answer.
Bill Alderson — Senior Technology Diagnostician. Four decades in network forensics. Pentagon comms recovery after 9/11; six CENTCOM deployments; founder of Pine Mountain Group; Network General; HOPZERO. Builds tools the way someone who has had to use them at 2 a.m. would build them.
Bill’s career is the substance behind the product. The same observation runs through every chapter: the network is usually the witness, and the witness is rarely asked the right question.
Vietnam-era service. The discipline of maintaining systems where failure is immediate and irreversible. The first place Bill learned that the diagnosis you can defend at 2 a.m. is the only one that matters.
Trident nuclear missile program, stealth cruise missile, political-survivability communications. Diagnostic work in environments where the consequences of a wrong answer were unforgiving.
Inside the company that invented the category of network diagnostics. Sniffer was the first packet analyzer; the discipline of actually reading what crossed the wire instead of trusting a vendor’s dashboard was forged in this period.
Bill’s consulting and training firm. Served a majority of the Fortune 100. Certified 3,500+ NetAnalysts in 27 countries. The PMG motto — “complex problems can be solved” — is not aspirational; it’s the observation Bill made after walking into hundreds of engagements where everyone else had given up.
Pentagon communications recovery in the days after September 11; documentation that guided hundreds of millions of dollars of redesign. Six CENTCOM deployments across Iraq, Afghanistan, Qatar, Kuwait, Bahrain, and Djibouti, diagnosing the biometrics systems that enabled the Iraq surge by identifying IED bomb-makers through fingerprints lifted off bomb fragments.
NetQoS reached a $200M exit to CA. Apalytics and HOPZERO carried forward the philosophy that emerged from PMG: obviate the problem, don’t just react to it. HOPZERO’s work on autonomous TTL-based data-movement control led, eventually, to one of the diagnostic add-ons DataStun ships today.
DataStun ships the measurement layer that Bill spent four decades realizing was missing. Security Institute is the educator brand that distills the methodology into training. Both share a single conviction: practitioners who can read what the network is actually doing make the rest of the security stack work.
Every product decision in DataStun traces back to one of three observations Bill earned the hard way. They are not slogans — they are the rules that decide what gets built and what doesn’t.
Forty years in rooms where vendors, departments, and teams told different stories about what went wrong — and the packets told the real one. Traditional monitoring was built to report whether traffic moved; it was never built to tell you how it moved or what it experienced. That gap isn’t an engineer’s failing. It’s a measurement problem the industry hasn’t closed. DataStun closes it.
The literal Pine Mountain Group motto. Not aspirational — the observation Bill made after walking into hundreds of engagements where everyone had given up. The shift from two-dimensional symptom-chasing to three-dimensional deep-packet inspection with hypothesis testing turns intractable problems into diagnosable ones, consistently.
The philosophy that emerged from Apalytics and carried into HOPZERO and DataStun: prevent problems, don’t just react to them. Every diagnosis should produce a system that fails less often afterward. The engineer who hires DataStun shouldn’t need to hire it again for the same category of problem.
A practitioner-anchored security platform needs a practitioner you can hear. We separated the layers deliberately so each one stays honest to what it’s for.
The shipped platform. Endpoint network observability covering security, performance, and data sovereignty in one lightweight agent. This is what you sign up for.
The training and methodology arm. Distills the diagnostic discipline Bill developed at Pine Mountain Group into curriculum and structured certifications. The product teaches the platform; the institute teaches the practice.
Bill’s animated alter ego. Voices the in-product information tips (about 300 of them across the dashboard), the methodology videos, and the “how the network actually behaves” explainers. Cartoon on the outside; four decades of packet-level forensics underneath.
“Pandemics spread at the speed of an airplane. Computer viruses spread at the speed of light.”
That observation is why DataStun exists. A blocklist someone updated last week can’t keep pace with a threat that moves at the speed of light — so we built protection that updates around the clock and catches new dangers the moment they appear.
Existing tools answer the wrong question. EDR tells you a process behaved suspiciously. Firewalls tell you traffic was permitted or denied. SIEMs tell you what the other tools said. None of them answer the question that defines a breach response: where did the data actually go?
The endpoint is the only vantage point that can answer it — the place where the encrypted session is being opened, where the executable behind it lives on disk, where the bytes are being counted. The agent runs there. We chose metadata-only as a deliberate constraint: destination, program, byte counts, timing — small enough that nobody has to trust us with content, rich enough to find a Trojan beaconing out of a temporary directory to a destination half a world away.
That constraint is the product’s permanent shape. We will never inspect content. We will never auto-upload your binaries. We will never merge your fleet’s observations across customer boundaries. Those aren’t marketing positions — they are the rules that decide what is allowed into the codebase. Read the trust posture →
We are pre-commercial. The product runs in production for early customers; the binding documents (Privacy Policy, Terms of Service) are written and self-binding today and will be tightened to operative legal language with counsel before commercial launch.
That posture is deliberate. The honest version of “coming soon” is that we ship to early users now, the platform is real, and we say what we collect (/data-collection) and what we won’t (/trust) without legalistic hedging. If anything in the policy or this page would prevent your organization from using the product as it exists today, please tell us before you sign up — that feedback shapes the policy.
Sign up free, enroll an agent, and see your fleet’s network behavior the way someone who has spent four decades reading packets would see it.