Background
Who I am
I'm a System Engineer and IAM (Identity & Access Management) Engineer. My work centers on designing and hardening infrastructure, identity systems, and access controls so that the right people and systems get the right access — and nothing more.
On the backend, I spend most of my time in Entra ID, Okta, AWS IAM, and custom IdP integrations — writing policies, auditing access, and building zero trust frameworks that actually hold up under pressure. I automate everything with Terraform, Python, and PowerShell because manual processes don't scale and they breed drift.
On iOS, I build tools like Autheris — a secure 2FA token manager that lives entirely on-device. The goal is to take the same security principles I apply to cloud infrastructure and make them practical in the palm of your hand. This site is where I showcase those projects and point to their dedicated pages. When I'm not building, I write about IAM hardening, authentication patterns, and threat intelligence on the blog.
Latest
Recent posts
Security research, technical deep-dives, and threat intelligence. View all posts →
Funnel Builder Skimmer: 40,000 WooCommerce Stores at Risk
A missing authorization check in the Funnel Builder WordPress plugin allowed attackers to inject payment skimmers into 40,000+ WooCommerce stores. Sansec reports active exploitation.
Exchange CVE-2026-42897 Is Being Exploited Right Now
Microsoft confirmed active exploitation of a cross-site scripting flaw in on-prem Exchange Server. CVSS 8.1, no patch yet, and attackers are already using it.
Cisco SD-WAN Authentication Bypass: CVE-2026-20182 and the Repeat of CVE-2026-20127
Cisco confirmed another critical authentication bypass in SD-WAN Controller with active exploitation. CVE-2026-20182 carries a CVSS 10.0 and bypasses authentication entirely—no patch bypass of the earlier CVE-2026-20127, just a different bug in the same service.