Projects & Case Studies¶

Cloud Control Pack (AWS) In Progress Default-deny S3 + GuardDuty export; scoped IAM with CIS/NIST mapping. Cloud GRC AWS Tech: AWS IAM, S3, GuardDuty, CloudTrail, Terraform Read Demonstrates: Cloud guardrails, evidence pipeline, compliance mapping

TraceLock™ (RF/SDR Security) Active Evidence-first RF/SDR pipeline with AI-assisted parsing across 6 wireless domains. RF Detection Python Tech: Python, HackRF, RTL-SDR, SQLite, Kismet Read Demonstrates: Wireless threat detection, evidence logging, detection engineering

GIAP™ — GRC Intake Automation Infra Live Self-hosted Nextcloud + n8n + SuiteCRM on Proxmox VMs. GRC Automation Self-Hosted Tech: Proxmox, Nextcloud, n8n, SuiteCRM, Nginx, MySQL Read Demonstrates: Intake automation, retention policies, audit-ready workflows

Baseline Evidence Drop Complete Consent-first Windows evidence collector with hashes, manifest, and control mapping. GRC Evidence PowerShell Tech: PowerShell, SHA-256, JSON manifest Read Demonstrates: Agentless evidence collection with integrity verification

PCI-DSS Endpoint Hardening Complete Rapid hardening (<48 hours) with 47+ controls mapped and evidence pack. Compliance Hardening PCI-DSS Tech: GPO, BitLocker, Windows Firewall, PowerShell Read Demonstrates: Compliance-ready endpoint builds with audit evidence

Secure Intake Portal Active Nextcloud + n8n + SuiteCRM intake with RBAC, retention, and audit trails. Compliance Intake Automation Tech: Nextcloud, n8n, SuiteCRM, LDAP Read Demonstrates: Governed intake, role-based access, logged workflows

Detection & IR Lab Active SIEM/IDS tuning, incident drills, authored detections with enrichment. Detection IR SIEM Tech: Security Onion, TheHive, Cortex, Suricata, Zeek Read Demonstrates: Alert tuning, triage discipline, runbook execution

Zero Trust Access Pilots Evaluated Tailscale/Twingate/Netbird evaluation for secure remote access. ZTNA IAM Access Tech: Tailscale, Twingate, Netbird, WireGuard Read Demonstrates: Tested access patterns with documented tradeoffs

Self-Hosted Stack Hardening Active SuiteCRM, Docuseal, Nextcloud, Wiki.js with IAM, backups, patch automation. Hardening Infrastructure Linux Tech: Proxmox, Ubuntu, Nginx, Let's Encrypt, Fail2ban Read Demonstrates: Production-grade self-hosted infrastructure security

Remote Access & Zero-WAN Active Tailscale/RustDesk remote access with no exposed WAN ports. Access Hardening Zero-Trust Tech: Tailscale, RustDesk, UFW, SSH hardening Read Demonstrates: Secure remote access without attack surface exposure

RF/UAS Security Research Ongoing SDR payloads, BLE/Sub-GHz reconnaissance, and 3D-printed sensor housings. RF Innovation Hardware Tech: HackRF, Flipper Zero, ESP32, FreeCAD Read Demonstrates: Hardware security research with practical applications

AgenticOS — AI Orchestration Active Deterministic AI agent layer with 72 health checks and audit-grade logging. AI Automation Python Tech: Python, YAML, JSON, Multi-provider LLM APIs Read Demonstrates: 6,361 LOC of production-grade AI governance tooling