Cybersecurity leader with deep expertise in cloud security architecture, threat detection & response, and enterprise security operations — protecting environments spanning 120+ AWS accounts.
I'm a cybersecurity professional specializing in cloud security architecture and enterprise security operations. Currently based in Budapest, Hungary, I manage a comprehensive InfoSec program spanning endpoint detection and response, vulnerability management, identity security, network security, and cloud workload protection.
My day-to-day involves operating and optimizing a mature security stack including CrowdStrike Falcon, Rapid7 InsightIDR/InsightVM/InsightConnect, Zscaler, BeyondTrust, Abnormal Security, and Palo Alto/Fortinet firewalls — all protecting an extensive AWS environment of 120+ accounts with hundreds of Linux and Windows servers.
I'm passionate about closing visibility gaps, automating security workflows, and translating complex threat landscapes into actionable strategy. Whether it's investigating suspicious emails, analyzing vulnerability exploitation trends, or building custom security tools — I focus on outcomes that measurably reduce risk.
AI-powered packet capture analysis tool that parses PCAP files directly in the browser, identifies suspicious traffic patterns, DGA domains, and protocol anomalies, and generates visual network flow maps.
Interactive web application that creates visual diagrams and flow maps of the MITRE ATT&CK framework, enabling security teams to map adversary TTPs and identify detection coverage gaps.
Python-based tool that cross-references Rapid7 and CrowdStrike agent deployments across the entire server estate, identifying coverage gaps and generating remediation reports by OS and environment.
Data analysis pipeline that tracks CVE exploitation timelines, identifying trends in time-to-exploit metrics and generating insights for proactive patch prioritization and risk communication.
Analysis of CVE exploitation trends showing that adversaries are weaponizing vulnerabilities faster than ever, and what that means for your patching strategy.
Practical approaches to cross-account security architecture, IAM governance, and maintaining visibility across a large-scale AWS environment.
How to systematically identify and remediate agent coverage gaps across CrowdStrike and Rapid7 in mixed OS environments with legacy servers.
Walkthrough of investigating a suspicious Deloitte audit confirmation email, from initial triage through IOC enrichment and MITRE ATT&CK mapping.
Whether you need help with cloud security architecture, security operations optimization, tool evaluation, or incident response — I'd love to hear from you.