A short version.
I started as a security researcher at Carnegie Mellon's CERT, broke Tor protocol headers on a budget, ran Incident Response inside a global bank's fusion center, and now build agentic security tools that act on security findings instead of just creating them. I care about the technical details and the boardroom consequences, and I work tirelessly to ensure I can communicate effectively in both.
Foster the team A healthy security department grows from strong leadership that listens and shares.
Own mistakes Making mistakes is natural to the human experience. What you learn from those mistakes is what determines your future.
Governable autonomy If you don't understand what you've built or how it works, what value did you bring?
Telemetry over intuition Detection engineering is a data problem. Gut calls are for the first 30 seconds of triage, not the postmortem.
Communicate effectively Answer questions honestly and deliver actionable intelligence to stakeholders.
Fundamentals matter Typed interfaces, least-privilege IAM, ephemeral sandboxes. Most of what makes a system secure starts from the basics.
Building AttackBench, an autonomous pentesting platform with safety built-in from day one. Studying the future of Agentic AI. Advising executives on what's coming next.