I’m a Security Engineer at OpenAI. Most of my day-to-day work is focused on securing Azure, AWS, Terraform, DevOps workflows, Windows, and Active Directory.

Before that, I worked on Active Directory and security at Microsoft in the Asia Pacific region, where I earned the Microsoft Certified Master (MCM) credential for Active Directory. I later moved to the Windows Kernel Engineering team in Redmond and worked on Windows 8 and 10.

I enjoy offensive security work whenever I get the chance. Over time I completed the OSCE, OSEP, OSCP, OSWP, and GXPN, and I have also spent time on the Synack Red Team looking for vulnerabilities across a range of systems. I mention those things mostly as context: they have shaped how I think about Windows, identity, and defensive engineering, but I still feel like there is always more to learn.

This site is a small attempt to contribute something useful back to the broader security community. I write up things I find interesting, confusing, or worth preserving so they might save someone else a bit of time.

If you work for a charity or non-profit organization and could use security or infrastructure advice, please get in touch. I’d be genuinely happy to help where I can.

I sometimes write in a less casual style for the companies I work for.

Some examples:

• Restricting SMB-based Lateral Movement in a Windows Environment
• Microsoft Defender Attack Surface Reduction Recommendations
• Assessing the Effectiveness of a New Security Data Source: Windows Defender Exploit Guard
• Windows Privilege Abuse: Auditing, Detection, and Defense
• Building Software for a Zero Trust World
• Managing and Automating Browser Extensions at Scale