A Conversation with Hayden Smith, Amanda Aguayo, and Tim Barone 

In the cyber realm, a frequent question that echoes throughout the community is: “How can we stop the next attack?” It’s a query repeated so often among cyber defenders that it has become a familiar refrain, like the chorus of a well-known song. So, when Hayden Smith, Amanda Aguayo, and Tim Barone co-founded Hunted Labs, they sought to do more than merely create another run-of-the-mill cybersecurity company. They set out to build a technological solution that would change the narrative and render this age-old question obsolete.

Hunted Labs was built to deliver unrivaled threat intelligence to identify, intercept, and eliminate foreign adversarial influence in open source software. With its flagship product, Entercept™, the company has already made a name for itself.

In April 2025, Hunted Labs issued the first of its eye-opening threat reports exposing potential Russian influence in a popular open source Go package called easyjson. The findings, published in WIRED Magazine, sounded alarm bells throughout the open source ecosystem and ignited a global conversation about the security of the software that powers organizations and infrastructure worldwide and the potential for adversarial foreign influence over it. Months later, Secretary of War Pete Hegseth issued a directive stating, in part:

“The DoD will not procure any hardware or software susceptible to adversarial foreign influence that presents risk to mission accomplishment and must prevent such adversaries from introducing malicious capabilities into the products and services that are utilized by the Department.” 

Since its launch in March 2025, Hunted Labs has steadily built momentum­, forging strategic partnerships, lining up customers, and fulfilling key milestones under its Small Business Innovation Research (SBIR) contract with the U.S. Space Development Agency. We met with Hayden, Amanda, and Tim to learn about the deep sense of purpose that fuels their ambitious mission: to Protect the Hunted.   

The three of you have known each other for a long time. How did you meet?

Tim: I was living in D.C. Hayden and Amanda were in Los Angeles. I was hired to work for Booz Allen Hamilton as a senior lead technologist and, on my first day, I met Hayden, who was an intern at the time. We had a nice long journey there working together on a bunch of different projects between 2015 and 2019.

Hayden: Amanda and I are married. We’ve known each other since sixth grade.

Loyalty and trust are two of the most important traits to me. Tim and I built a strong foundation of trust and relationship capital during the years we worked together at Booz Allen on demanding government projects. We were deep in the trenches on the technical side of the house, often facing tough challenges. I remember at times thinking, ‘This problem really sucks, but at least I get to tackle it with a brilliant engineer like Tim.’

On the business side, Amanda brings years of experience in operations. What I’ve always admired about her is her unwavering loyalty, honesty, and trustworthiness. These qualities aren’t just personal values; they’re core to what we’ve built at Hunted Labs.

What are the most important things you’ve learned about yourselves as you’ve built Hunted Labs? Have you discovered any new superpowers? 

Amanda: One of the most reassuring things as we’ve built Hunted is seeing how spot-on our instincts have been from the very beginning. 

We’ve always had a strong pulse on the market and the problem that needed to be solved. And now, seeing how those early ideas have come to life is incredibly cool. It’s easy to get caught up in the noise of what people are saying, what the market is doing, but going back to our foundation reminds us why we started Hunted in the first place.

We’ve had moments where we predicted everything from how our first press release and coverage might look to how customers would respond to certain features. And when those things actually happened, it was like, “Wow, we really knew.”

Tim: This isn’t necessarily a superpower, but I think, our ability to build a product that can elicit excitement in customers. Going back to what Amanda said, we had a clear idea of what we wanted to build and who we were building it for. There’s something incredibly satisfying about seeing that vision come to life and watching people get genuinely excited about it.

Whether it’s at a conference or on a call, seeing people or potential clients get excited about a product you’ve developed is really satisfying. When they interact with our product, it is a powerful moment. You go from thinking, “I hope we can do this,” to realizing, “We’re actually doing it and people care.” That’s extremely validating.

Tell us about Hunted Labs. Why does it exist and what does it aim to achieve?

Amanda: We are the new standard in software supply chain security. The traditional approaches just aren’t working anymore. Attacks are evolving. That’s why we exist: to take a proactive approach to stop the next major software supply chain attack.

I was asked the other day, “What do you envision Hunted Labs accomplishing?” I literally said, “I hope that one day, maybe a year or two from now, there’s a headline that reads: Hunted Labs stopped the world’s biggest software supply chain attack.” That’s the kind of impact we’re aiming to have.

Hayden: We’re here to find the bad guys hiding inside your software and hunt them down.

Over the past few years, we’ve seen bad guys target or maintain critical open-source projects or infrastructure that organizations run on. At Hunted Labs, we help organizations gain insights into their risk posture.

We’re here to help you identify what is in your software first; identify exploits, vulnerabilities, risk with the code itself from an engineering perspective. Is this code good to go? Yes or no?  And then also giving them complimentary risk assessments where we could say, “Hey, the people maintaining this code have suspicious or questionable connections to foreign states, foreign state entities, or foreign state intelligence services that need to be addressed.” 

These are not things that you can passively brush to the side. These are things that need to be addressed in your software supply chain in order to have that peace of mind when you’re shipping products that are being consumed by your customers. If you’re an enterprise, you need to know that that product is good to go and that your software supply chain is resilient. If you’re the government, the stakes are even higher. It’s extremely valuable for enterprises and government organizations to have that information available to them so they can take remedial action. You need to not only know the software is free of vulnerabilities and exploits, but you also need to know if someone put a piece of code in your software supply chain that will make a national security system run 10 seconds slower or that will degrade performance or your systems in any way, shape, or form. That’s the critically important stuff we do here at Hunted Labs.

In March, Hunted Labs released a report exposing potential Russian influence over a popular piece of open source code called easyjson. The report raised serious concerns about adversarial foreign ownership, control, and influence in open source software. Why is it critical for organizations to have this kind of information?  

Tim: As Hayden and Amanda mentioned, the cybersecurity industry has long fixated on CVEs (Common Vulnerabilities and Exposures), which identify known security threats. They have been so focused on this one aspect of cybersecurity that they’ve forgotten about the importance of identifying risk.

At Hunted Labs, some of us have offensive security backgrounds, which means we’re trained to think like adversaries. We’re able to put our “bad-guy” hat on to figure out what an attacker would do and what motivates them so we can truly understand the risk they pose. When it comes to software, bad guys don’t have any restrictions. They get to do whatever they want.  

At Hunted Labs, we understand that just because there aren’t any known vulnerabilities, it doesn’t mean there’s no risk, because there is.

Hayden: We’ve seen a clear pattern of attacks—even looking back at XZ Utils—where bad guys target a specific person and weaponize the most core tenant of open source: trust. In the case of XZ Utils, an anonymous attacker going by the username Jia Tan carried out a longstanding social engineering campaign targeting a specific project foundational to the modern computing ecosystem. That wasn’t a one-off. When it comes to bad guys—whether they’ve failed or were successful—they take notes. They’re constantly learning and evolving and looking for instances where enterprises messed up. Recently, maintainers were targeted by attackers using traditional social engineering and phishing campaigns. Attackers were able to take over not one open source project, but 20. So, what that indicates to us is that bad guys are doing reconnaissance on maintainers and they’re looking at them as an entry point to the open source ecosystem to increase their attack surface dramatically.

Numerous bad actors in adversarial countries—like Russia and China—maintain critical pieces of globally utilized cloud-native infrastructure. These applications are what power many of the conveniences we love and rely on in our daily lives and are fundamental to not only commercial enterprises and the U.S. government, but to our broader economy. This interconnectedness means that one cyber attack against a specific piece of software can have a widespread and disruptive ripple effect throughout the entire world.  

In my previous roles, if I went to my boss and said, “Hey, Boss. I detected this guy. He works for a sanctioned Chinese military corporation. He’s on our network, he’s in our products, he’s in our system.” No boss would ever say to me,  “Oh, yeah, just leave it there until something happens.” I was told to kick them out of the network, quarantine and investigate them. Immediately. Take it all the way to the end of the road. That’s why our ethos at Hunted is not to let potential threats—foreign or otherwise—operate in a dormant manner. We’re going to be proactive and remove them.

Since the release of your easyjson report, Secretary of Defense Pete Hegseth issued a directive stating, in part, “The DoD will not procure any hardware or software susceptible to adversarial foreign influence…” What was your reaction to that directive?Hayden: This goes back to the point I made earlier about being proactive. That memo inherently is proactive. So, seeing a large organization like the Department of War say, we are not going to stand by and wait. We are going to put a proactive foot forward to eliminate this attack vector, and it’s going to apply to every vendor we do business with. It makes it clear if you want to do business with the DoW, you are going to have to identify, track, and eliminate foreign influence. That directive gave me a lot of hope, especially after supporting the department for over 10 years and working, for the most part, from a reactive stance. To see leadership adopt a proactive stance was huge for me.

“Our ethos at Hunted is not to let potential threats—foreign or otherwise—operate in a dormant manner. We’re going to be proactive and remove them.” – Hayden Smith

In May, you officially launched your flagship product Entercept. What does it do and how does it help customers across government and commercial enterprises?

Amanda: Entercept provides unprecedented visibility—visibility you can’t unsee and that will make you want to go deeper into the benefits of our product offering. One of the most powerful features of Entercept is what we call Blast Radius, which provides visuals of SBOMs (Software Bill of Materials) and shows how packages are intertwined and dependent on each other. It’s very exciting for customers to see their data in a way that they’ve never been able to see it before.

Another key feature of Entercept is our Open Source Optics tool. It goes beyond identifying what’s in your software to uncovering who’s behind it. We’re able to help identify those threat actors very easily, which hasn’t really been done before.

Tim: To build on that, we’ve created a product that offers decision makers quality data and information. There are always decisions that need to be made. They have to figure out where they should spend their time, resources, money, and effort. With Entercept, decision-makers and their teams are empowered to focus on what matters.

You’ve since come out with another report, which identified another OSS package—fast-glob—with potential Russian influence. Can we expect more reports?

Amanda: Absolutely, yes. We are always focused on the future and the next hunt, so we expect to come out with another report soon.

Tell us about the Hunted Labs team.

Amanda: One of the most powerful parts of building the Hunted Labs team has been seeing how deeply people connect with our mission. From the very first conversations, we don’t just ask if they understand what we’re doing, we ask if they really understand it, and if they’re passionate about it. And time and time again, we’ve had people say, “Please, I get it. I want to be part of this. Let me help.”

That kind of enthusiasm is rare. Our mission resonates, and I believe it’s why we’ve been able to snag such amazing talent. We’ve built a team of Swiss Army knives, who can do so many things. Everyone is eager to contribute in any way they can because they genuinely want to see us succeed together.

Hunted Labs is an incubation of Red Cell. What made you decide to build your company here?

Hayden:  At Red Cell, I get to free up cycles to go spend with engineering to focus on product, to focus on building. For any entrepreneur or startup, especially in the cybersecurity space, you need to be focused on building or selling the product  all the time. Personally, I don’t want to be focused on our finances day-in, day-out. That’s a lot of work and that eats up a lot of cycles I could be using to improve the product. So, partnering with a  place like Red Cell that comes in and handles finance, and operations, and marketing has been a blessing from a building perspective. I can focus on the problem and on delivering solutions that meet those problems faster than my opponents — and faster than attackers can adapt — because we’ve built within Red Cell. What I have found is the deeper embedded Red Cell is into our process, the more successful outcome and the better the return we will get as a team.