Building security and power in systems and for people.
Compliance isn't a checklist, and infosec isn't the police. I see GRC as a puzzle of human behavior, technology, and trust.
With a background in the public sector, I've learned that the most secure systems are the ones people actually understand and use. My work focuses on simplifying GRC processes without compromising on rigor.
I build tools, write guides, and advocate for systems that serve the community, not the other way around.
Tools and frameworks built for the modern GRC workflow.
A secure, client-side application for performing gap analyses against NIST 800-171, 800-172, and CSF 2.0. Built for privacy, speed, and offline capability.
One part exploration of the philophy of the future of work, and one part runbook for the busy professional to find the useful parts of the AI hype. This book covers real systems designed for the enterprise, so teams can use AI securely and efficiently.
Download PDF