Self-taught developer. I design, build, secure, and ship vulnerability-management software solo — and when the tool I need doesn't exist, I build it, then run my own releases through the same security gauntlet I'd expect from a vendor.
One product, taken through Microsoft Store certification and published as a private-audience listing, plus the companion toolchain and the compliance evidence behind it. Every number below is verifiable against an artifact on disk, and I can produce each one on request.
The case studies are the heart of this site: real problems I hit, the root cause, the engineering, and the proof — including the problems where no off-the-shelf answer existed and I had to invent one.
A Windows desktop app for VM teams: which findings are about to breach SLA, who owns the assets, and what got done about it. Built solo, Store-certified, IV code-signed.
read more →Four problems, written the way I hit them: millions of findings on one desktop, ownership routing, zero-day exposure answers in seconds, and the attack surface nobody scans.
read more →A self-built compliance gauntlet with pass/fail criteria and evidence artifacts, plus RFC 6962 Merkle logs, DSSE/in-toto provenance, and a real disclosure policy.
read more →The remediation pipeline and test infrastructure around the analyzer: idempotent ticketing, an encrypted dispatch layer, and a full mock-ServiceNow environment.
read more →Looking for roles in vulnerability management, security tooling, and security software engineering. Everything on this site was built solo, so I'm comfortable owning a problem from raw idea to signed, published, compliance-evidenced release — and equally comfortable being handed the ugly bug nobody can reproduce.