Selected work
I build products, not just advise on them
Consulting gives me breadth. Building products gives me depth. These ventures exist because I saw problems nobody was solving and decided to solve them myself.
AI governance
Vectimus
AI agents could execute shell commands, modify files and call APIs with no governance layer between intent and execution. Four real incidents in six months told me the industry wasn't going to solve this fast enough. So I built the solution.
78 Cedar policies intercept every tool call before execution, evaluated in under 5ms. Compliance evidence generates as a byproduct, not a separate workstream. Governs AI coding tools and agent frameworks used worldwide.
Compliance mapping
OWASP top 10 for agentic AI
10 of 10 categories covered
SOC 2 (CC6/CC7/CC8)
Trust services criteria for AI tool operations
NIST AI RMF and NIST CSF 2.0
AI risk management and cybersecurity framework alignment
EU AI Act
Evidence built into every policy decision
ISO 27001, CIS Controls and SLSA
Information security and software supply chain controls
Music technology
SquareWave Studio
I couldn't find decent software to manage patches on my music hardware. So I built my own. What started as scratching my own itch became a product serving musicians worldwide.
Full product lifecycle from concept to market. Reverse-engineered hardware protocols, designed the architecture, built the product and launched it. Four AI agents now handle daily operations, from support triage to bug fixes, without compromising quality.
Visit squarewave.studio (opens in new tab)EP-PatchStudio
Create custom multisamples for EP-40 Riddim with file management and transfer across EP series devices. Auto-sampling, MIDI SysEx and TNGE format support.
ep-patch.studioOP-PatchStudio
Patch management for OP-XY. Browse, organise and backup patches with in-browser sound preview and drag-and-drop functionality.
op-patch.studio