The work I focus on across AI-agent and SOC security.
These are the areas I study, build, and write about — securing tool-calling agents, guardrailing tool execution, and making agent and SOC workflows audit-ready. Each card goes deeper into how I approach it.
AI Agent Security Review
Identify risks in tool-calling agents — MCP permissions, prompt-injection exposure, data leakage, audit gaps, and weak approval controls.
Learn moreMCP Security Review
Review MCP tool usage, dangerous permissions, scoped access, policy enforcement, approval gates, and auditability.
Learn morePrompt Injection Testing
Test tool-calling agents against prompt-injection, tool abuse, data leakage, and unauthorized-action scenarios.
Learn moreSOAR Playbook Development
Design and build playbooks for phishing triage, IOC enrichment, EDR isolation approval, and incident escalation.
Learn moreAI-SOC Prototype
Build a proof-of-concept AI-assisted SOC workflow: triage, enrichment, risk scoring, approval, and audit logging.
Learn moreIOC Enrichment Automation
Automate IOC enrichment with threat-intel sources, SIEM/SOAR context, risk scoring, and analyst-ready summaries.
Learn moreEvidence, not claims.
Repositories, diagrams, demos, test packs, blueprints, and sample reports — the artifacts behind the work.
MCP Guardian
Policy layer for AI-agent tool usage across MCP servers.
Prompt Injection Test Pack
Attack scenarios for tool-calling agents, by boundary.
AI-SOC Workflow Demo
Alert → enrichment → approval → audit log, end to end.
Security Review Sample Report
The format I use for an AI-agent security review.
SOAR Workflow Blueprints
Reusable playbook patterns across XSOAR, Tines, Sentinel.
Architecture Diagrams
Node-based AI-SOC and guardrail architecture visuals.
Audit Log Examples
Tamper-evident records of agent tool calls and approvals.
Case Studies
Executive write-ups: problem, approach, outcome.
Working on something similar?
If you're building tool-calling agents or modernizing a SOC and want to compare notes, swap ideas, or ask a question, I'm happy to talk.