I’m building
security in public.

I’ve been building AI for security systems for about 10 years. I have been running experiments and developing ideas I think could make security products much better.

Security in Public is where I build and publish those ideas: essays, open-source evals, simulated environments, naive implementations, methods, and tools for AI and decision under uncertainty in cybersecurity.

Grounded Confidence

Your AI can be very confident and very wrong. I want confidence to predict correctness, and I want the system to know when that confidence was earned.

I am starting with a phishing/BEC agent, expert-labeled evals, and a naive implementation that derives confidence from where the agent historically performed well on similar cases.

Open the starter note →
  1. 01 Self-reported confidence cannot be trusted.
  2. 02 Confidence should be grounded in expert-labeled evals.
  3. 03 The phishing eval set will be public.
  4. 04 The first implementation will be naive on purpose.

Grounded Confidence

Your AI agents need to act. But only when they're right.
Self-reported confidence is terrible, terrible, terrible.

Grounded Confidence uses historical ground truth to decide when confidence is earned.

The Action Cliff

Products optimize for understanding. The drop happens at decision.

Gamebooks

Plan whole games, not play-by-play. Investigation designed as questions, not steps.

CPR Scoring

Confidence, Precision, Reversibility. A method for deciding what's safe to do.

The Decision Problem

The industry framed response as a speed problem. It was always a decision quality problem.

Opinionated Products

Showing four actions with no guidance isn't flexibility. It's abdication.

I’ve been building AI into core security decisions and processes since 2016, exploring how AI systems investigate, reason, decide, and act in high-stakes security environments.

Security in Public is where I build around the structural failures I keep finding in security products, especially the gap between detections and action. More about me →

Buy me a coffee