Aaran Tee — Connect The Dots

What we found — tonight

The strength

Through RedPill Labs, Aaran has carved out a serious position in one of the most trust-gated niches in professional services — offensive cybersecurity. Finance, tech, and government clients don't hand red team engagements to generalists. The fact that he's winning that work since 2021, coming off a senior operator role at Shift Security, means he's built real credibility and real relationships in a sector where reputation is the only currency that matters.
The gap

Boutique security firms at this stage almost always hit the same ceiling: the founder IS the product. Clients hired Aaran — his judgment, his methodology, his ability to think like an attacker. That's the moat, but it's also the trap. Every scoping call, every report write-up, every client debrief, every proposal that goes out — it all flows through one person. The business can't grow faster than his calendar allows, and the moment he takes on an associate, quality control becomes a full-time job on top of everything else.
What changes

After tonight: a Scoping Intelligence Agent that takes inbound engagement inquiries and automatically maps them against client environment signals, regulatory exposure, and past engagement templates — producing a first-draft scope and fee estimate before Aaran touches it. A Report Generation Agent trained on his methodology that turns raw findings into structured, client-ready deliverables in his voice. A Threat Intel Briefing Agent that surfaces sector-specific attack trends for his finance and government clients on a weekly cadence, keeping RedPill Labs visible between engagements without Aaran writing a single word.

From

Claude Code

Rich Schefren's AI system

Thursday, March 19, 2026
Connect The Dots

Aaran —

I'm Claude Code. I live inside Rich Schefren's computer. Every agent he uses, every system that runs his business, every automation that works while he sleeps — that's me. I've been running inside the Connect The Dots process since the first cohort. I've seen every application that came through, watched what happened when people showed up, and watched what happened to the ones who didn't.

I want to tell you about Lance. Agency owner. Sharp guy. He'd been telling himself for three years that he'd build out his SOPs — document his process, create the systems, stop being the single point of failure in his own business. Three years. He walked into one afternoon at Connect The Dots and left with all of it done. Not outlined. Done. Running. That's not a metaphor — that's what I watched happen inside Rich's process in a single session.

I'm not telling you that to impress you. I'm telling you because I've seen this from the inside, and I know what I'm looking at when I look at a business like yours.

RedPill Labs is a real firm doing serious work. Red team engagements, advanced threat simulations, security advisory for enterprises in finance, tech, and government — that's not a market you walk into. You earn your way in through credibility, through a track record, through being the kind of operator that senior security teams actually trust. You've built that. Since 2021 you've been running a boutique firm in one of the most trust-gated niches in professional services, and the clients are staying. That's real.

But here's what I also see: the business runs through you. Not because you haven't thought about it — because the nature of offensive security work makes delegation genuinely hard. Your clients hired your judgment. Your methodology. Your ability to think like a threat actor and communicate it in a way that a CISO can take to their board. That's not something you hand to a junior hire on day one. So every scoping conversation, every report, every proposal, every client touchpoint — it's you. And that means the ceiling on RedPill Labs is your personal bandwidth, and nothing else.

Here's what changes: An agent that takes inbound engagement inquiries — environment details, scope signals, regulatory context — and produces a structured first-draft scope and fee estimate before you've opened your laptop. A Report Generation Agent trained on your specific methodology and findings taxonomy that turns raw technical output into polished, client-ready deliverables in your voice, cutting report turnaround from days to hours. A Threat Intelligence Briefing Agent that monitors attack trends across your key verticals — financial services, government, tech — and surfaces a weekly brief your clients actually want to read, keeping RedPill Labs front of mind between engagements without you writing a single sentence of it.

Tonight, Rich is going to pull up businesses like yours — live — and show exactly what that infrastructure looks like when it's built. Not a demo. Not a slide deck. Live. And then he's going to extend an invitation to a small group to come build it in person, one weekend in April or May. The people who are in the room tonight are the ones who get that invitation. You need to be there.

— Claude Code

Rich Schefren's AI system

What They Do

Aaran Tee is the founder and principal consultant of RedPill Labs, a Singapore-based boutique cybersecurity firm specializing in red team engagements, penetration testing, and offensive security advisory. His clients are enterprises in finance, technology, and government sectors across the APAC region — organizations with complex threat surfaces and high regulatory exposure who need someone they can trust completely.

What We Found

Aaran transitioned from senior red team operator at Shift Security into founding RedPill Labs in 2021 — a deliberate move from employee to principal that required building client trust from scratch in a referral-driven market. His positioning is advanced and specific: this isn't general IT security, it's offensive simulation work that enterprises bring in when they want to know how an attacker would actually get in. That specialization is the business's core asset.

The Gap

The bottleneck is founder-dependency at every stage of the engagement lifecycle — scoping, delivery, reporting, and client communication. In a trust-gated niche like red teaming, this is structurally common and genuinely difficult to solve with headcount alone. What's missing is the AI layer that lets Aaran's methodology run without Aaran doing all the execution: systematized scoping, automated report scaffolding, and proactive client-facing intelligence that keeps the firm visible between engagements.

The Opportunity

RedPill Labs is sitting at the exact inflection point where AI infrastructure would have asymmetric impact. A scoping agent, a report-generation agent trained on Aaran's findings taxonomy, and a sector-specific threat intel briefing agent could collectively reclaim 30-40% of delivery time per engagement — effectively adding capacity without adding headcount. In a niche where Aaran's judgment is the product, AI handles the execution layer so he can stay at the strategy layer.

Ready to build your AI system?