Background
Who I am
I'm a System Engineer and IAM (Identity & Access Management) Engineer. My work centers on designing and hardening infrastructure, identity systems, and access controls so that the right people and systems get the right access — and nothing more.
On the backend, I spend most of my time in Entra ID, Okta, AWS IAM, and custom IdP integrations — writing policies, auditing access, and building zero trust frameworks that actually hold up under pressure. I automate everything with Terraform, Python, and PowerShell because manual processes don't scale and they breed drift.
On iOS, I build tools like Autheris — a secure 2FA token manager that lives entirely on-device. The goal is to take the same security principles I apply to cloud infrastructure and make them practical in the palm of your hand. This site is where I showcase those projects and point to their dedicated pages. When I'm not building, I write about IAM hardening, authentication patterns, and threat intelligence on the blog.
Latest
Recent posts
Security research, technical deep-dives, and threat intelligence. View all posts →
Microsoft Entra Passkey Vishing: When Phishing-Resistant Auth Becomes the Lure
Threat actor O-UNC-066 is weaponizing Microsoft's own passkey enrollment campaigns. Vishing calls direct victims to fake Entra passkey registration flows that enroll attacker-controlled keys instead.
GhostApproval: Symlink Trick Lets Malicious Repos Hijack Developer Machines via AI Assistants
Wiz found a flaw in six AI coding assistants where a symlink in a malicious repo lets attackers write to your SSH keys or shell startup files. The approval dialog lies about what file is being edited.
15-Year-Old GhostLock Flaw Enables Root and Container Escape on Most Linux Distros
A 15-year-old Linux kernel flaw has been hiding in plain sight since 2011. GhostLock (CVE-2026-43499) lets any logged-in user take full root control and escape containers. The vulnerable code ships by default in essentially every mainstream distribution.