LLM-Enhanced SAST
Bachelor's Thesis · TalTech
An automated DevSecOps pipeline that eliminates SAST alert fatigue and prevents data leakage by triaging vulnerabilities locally on consumer-grade hardware. A custom semantic parser paired with an "abliterated" (uncensored) 4B small language model bypasses AI safety refusals on security-audit code, doubling vulnerability detection recall while keeping source code fully private.
Tech: Python, Local LLM, Semantic Parsing, SAST
CIS Benchmark-Based Endpoint Hardening
Security Engineering · Admirals
Engineered and rolled out CIS Benchmark-aligned security baselines for Windows endpoints, and streamlined patch management with automated scripting for secure, background deployment of critical security updates.
Tech: Windows, CIS Benchmarks, Audit Controls, Automated Patch Management
PHP CLI Password Manager
University Project · Secure Programming
Developed a secure, interactive command-line vault. Features libsodium encryption (Argon2id, XChaCha20-Poly1305), strict data validation, and Linux clipboard integration.
Tech: PHP 8.4, Symfony Console, libsodium
Ansible Infrastructure as Code
University Project · IT Infrastructure Services
Single Ansible playbook that turns three bare Ubuntu VMs into a highly available web setup: dynamic DNS with BIND9, replicated MySQL, a Dockerized app tier behind HAProxy with Keepalived VIP failover, plus a full Prometheus/Loki/Grafana monitoring stack and scheduled offsite backups via Duplicity. Secrets are encrypted with Ansible Vault, and config changes to Prometheus/Loki are validated with automatic rollback on failure.
Tech: Ansible, BIND9, MySQL, Docker, HAProxy, Keepalived, Prometheus, Grafana, Loki, Duplicity
Wazuh SIEM/XDR
Security Engineering
Built a robust SIEM/XDR platform using Wazuh, integrating custom YARA-based detection rules for advanced malware analysis and threat alerting.
Tech: Wazuh, YARA, Linux, Windows, Syslog
AI Sales Assistant
AI Automation · Cybertex Security
Full-stack AI sales assistant with a ChatGPT-style interface, backed by an n8n workflow that coordinates multiple AI agents, contextual reasoning, and RAG-based memory over a PostgreSQL catalog of several hundred products to deliver accurate, context-aware recommendations.
Tech: HTML/CSS/JS, n8n, OpenAI API, PostgreSQL, RAG
FinCheck - Personal Finance Tracker · Web Technologies
University Project
Full-stack web app for budgeting, categorization, and charts with strong security controls against XSS and SQL injection.
Tech: PHP, JavaScript, MySQL, HTML/CSS
Orbital Signal Deception Planner
Defence AI Hackathon 2025
AI-based counter-SIGINT prototype that forecasts 24-hour satellite trajectories over target zones and uses a local LLM to generate rule-based deception tactics against SIGINT surveillance.
Tech: Python, Local LLM, Skyfield, JavaScript
CyberBazaar 2024 - Email Security & Governance
Cybersecurity Hackathon · 4th place
Co-developed EUMTP (European Union Mail Trust Policy), a proposed EU-wide regulation enforcing SPF, DKIM, DMARC, DNSSEC, and TLS across email services to curb spoofing-driven fraud, with GDPR-inspired compliance audits and phased implementation.
Tech: Email Security, SPF/DKIM/DMARC, Policy Design