Welcome to the first post. I’ve spent the last several years working in application and product security — threat modeling, code review, mobile security, and hunting for scalable, high-impact issues. This blog is where I’ll write some of that down.
What to expect
A few themes I want to cover over time:
- Threat modeling in practice — not the textbook version, but what actually works when you’re sitting with an engineering team.
- Mobile & web security — real vulnerability patterns, and how to fix them centrally instead of one ticket at a time.
- AppSec at scale — using automation and AI-driven tooling to make security keep up with engineering velocity.
How this is built
This site is a hand-built static page, and the blog runs on Jekyll — which GitHub Pages builds automatically. Writing a new post is just adding a Markdown file like this one. No build server, no database.
Security isn’t a feature you bolt on. It’s a property you design in.
More soon.