Background
Who I am
I'm a System Engineer and IAM (Identity & Access Management) Engineer. My work centers on designing and hardening infrastructure, identity systems, and access controls so that the right people and systems get the right access — and nothing more.
On the backend, I spend most of my time in Entra ID, Okta, AWS IAM, and custom IdP integrations — writing policies, auditing access, and building zero trust frameworks that actually hold up under pressure. I automate everything with Terraform, Python, and PowerShell because manual processes don't scale and they breed drift.
On iOS, I build tools like Autheris — a secure 2FA token manager that lives entirely on-device. The goal is to take the same security principles I apply to cloud infrastructure and make them practical in the palm of your hand. This site is where I showcase those projects and point to their dedicated pages. When I'm not building, I write about IAM hardening, authentication patterns, and threat intelligence on the blog.
Latest
Recent posts
Security research, technical deep-dives, and threat intelligence.
CISA Adds Exploited Magento RCE Flaw CVE-2026-45247 to KEV Catalog
CISA added Mirasvit Cache Warmer deserialization flaw CVE-2026-45247 (CVSS 9.8) to the KEV catalog. Federal patch deadline is June 24. Active exploitation confirmed.
Claude Code GitHub Action Flaw Let One Malicious Issue Hijack Repositories
A security flaw in Anthropic's Claude Code GitHub Action allowed attackers to take over vulnerable public repositories with nothing more than a single malicious issue. Because Anthropic's own action repo used the same vulnerable workflow, a successful attack could have pushed malicious code into the action itself.
Microsoft 365 Android Apps: A Debug Flag That Gave Away Your Identity
Microsoft 365 Android apps shipped with setIsDebugMode(true) in production, letting any app on your phone steal account tokens. Six apps. Billions of downloads. One line of code.