Security Engineer

Breaking systems to build them better

Nancy Chauhan

I enjoy breaking down systems to understand how they fail and using that understanding to help teams build more secure and reliable products. My background is in DevOps and cloud native systems, and over time my interests have shifted toward product security, application security, and threat modeling.

I've been building depth in application security through hands-on learning, working through real-world web vulnerability classes like authentication issues, IDORs, injections, business logic flaws, and OWASP Top 10 risks. I reason about vulnerabilities from an attacker's perspective while keeping mitigations practical and developer-friendly.

More recently, I've been exploring how AI can support security work, especially in accelerating manual processes like threat modeling and design reviews, while keeping humans in the loop for judgment and accountability.

I also created video courses on AWS and cloud development for LocalStack Academy.

Featured Projects

LLM-Powered Threat Modeling

Self-serve threat modeling platform using LLMs to analyze system designs and generate STRIDE-based security assessments with actionable remediation steps.

React, TypeScript, OpenAI, Claude, PostgreSQL

Info Disclosure Scanner

AI-powered security scanner that detects sensitive information leakage in web applications using Claude AI. Checks 50+ risky paths and security headers.

Python, Claude AI, Security Scanner

AttackTree

AI-powered threat modeling app that generates comprehensive attack trees based on attacker objectives with defense recommendations and OWASP Top 10 mapping.

Python, FastAPI, Groq, Llama


Speaking

Watch past talks