About Us
$ navigate_to_section
# Our Origin Story
Platform Security was born out of frustration.
We were a group of security engineers who kept seeing the same problem. Most security content was either vendor marketing disguised as technical guidance, or academic research that didn't translate to real-world implementation. Neither approach helped engineers actually secure the platforms they were building.
So we created something different.
Platform Security isn't just our name. It's what we research and write about. The term refers to the security of the platforms where modern applications run - cloud infrastructure, Kubernetes, containers, CI/CD pipelines, and identity systems. It's not about layering on third-party tools. It's about understanding the fundamentals and building security in from the start.
We focus on what matters. No vendor pitches. No theoretical fluff. Just practical field notes from engineers who've built, broken, and secured real systems at scale.
Our team has deep expertise in this space. We conduct original research, discover vulnerabilities, and share complete methodologies. Platform security is our craft, and we're here to advance the field through open knowledge sharing.
# Team
> Platform Security Engineer
Matthew Keeley is a distinguished security engineer and researcher with over a decade of experience in platform security, AI-driven vulnerability research, and security automation. Matthew has been instrumental in building secure-by-default platform architectures and discovering critical vulnerabilities that have shaped industry security practices.
Matthew founded Platform Security to share practical field experience and cutting-edge research with the security community. His work has led to the discovery of over 20 CVEs, development of automated vulnerability detection systems, and pioneering research in adversarial AI testing. He regularly contributes to open source security tools and shares methodology through detailed technical write-ups.
Diego Martinez
$ Research Advisory Board
> DevSecOps Security Engineer
Diego Martinez is a DevSecOps engineer specializing in security automation and CI/CD pipeline hardening. His research focuses on practical approaches to integrating security controls into modern development workflows without compromising developer velocity. Diego contributes expertise in container security, infrastructure-as-code validation, and scalable security architecture patterns.
Diego's research on scalable security frameworks has influenced how organizations approach cloud-native security. His methodologies for automated security validation and developer-friendly security tooling have been adopted by teams transitioning to cloud-native architectures. He focuses on bridging the gap between security requirements and practical implementation.
> Binary Exploitation & Malware Analysis
Nathan Smith is a binary exploitation expert and vulnerability researcher specializing in reverse engineering, low-level systems analysis, and automated malware detection. His research focuses on discovering critical vulnerabilities in complex systems and developing tools for automated threat analysis. Nathan contributes deep technical expertise in embedded systems security and critical infrastructure protection.
Nathan has discovered multiple zero-day vulnerabilities through advanced binary analysis techniques and contributes to open-source security tools used by researchers worldwide. His work on automated malware analysis and embedded systems security provides practical insights for securing critical infrastructure and complex platforms.
> Offensive Security Research & Tool Development
Alexander Aviles is a cybersecurity researcher specializing in offensive security tooling and post-exploitation framework development. With a B.S. Computer Science (Cybersecurity) from Arizona State University, graduating Summa Cum Laude, Alexander has contributed to cutting-edge research in command and control (C2) frameworks and red team operations. His work includes developing Eshu, a framework for managing compromised systems through live implants, and Ender, a modular exploit engine for cross-platform migrations.
Alexander's research focuses on practical offensive security applications, having achieved First Place in TryHackMe's Sapphire League and ranking in the top 7% of users. His technical expertise spans Python development, Docker containerization, and vulnerability research, with published work on system architecture and operational security methodologies. Alexander is currently pursuing an M.S. Computer Science (Cybersecurity) while simultaneously studying for his Offensive Security OSCP certification. He brings both academic rigor and hands-on experience to the team's research initiatives.
Tomas Bonner
$ Research Advisory Board
> Financial Systems Security
Tomas Bonner researches security architectures for financial systems, focusing on banking infrastructure, payment networks, and fintech platforms. His research expertise spans threat modeling for financial environments, fraud detection systems, and security frameworks that balance regulatory compliance with innovation. Tomas contributes insights on securing emerging financial technologies and distributed payment systems.
Tomas has developed innovative threat modeling approaches for financial systems that have become reference methodologies in the industry. His research on securing emerging financial technologies and distributed payment systems provides practical guidance for implementing robust security controls in rapidly evolving financial environments.
> Cloud Security Researcher
Austin Ballard is at the forefront of cloud security innovation, pioneering new methodologies for securing complex multi-cloud environments. His groundbreaking research into cloud infrastructure vulnerabilities has revealed critical security gaps affecting thousands of organizations worldwide. Austin's expertise spans AWS, Azure, and GCP platforms, where he has developed specialized techniques for identifying misconfigurations and security flaws that traditional scanning tools miss.
Austin specializes in cloud security architecture and containerization security. His research has revealed significant vulnerabilities in common cloud misconfigurations that affect thousands of organizations. He's developed methodologies for securing multi-cloud environments that balance security with operational efficiency, helping companies maintain robust security postures as they scale their cloud footprint.
# Certifications & Expertise
Our team holds industry-leading certifications that demonstrate our expertise and commitment to maintaining the highest standards in cybersecurity.
# Our Approach
> Field-Tested Research
Every article we publish is grounded in real-world experience. We don't write about theoretical concepts - we share techniques we've actually used in production environments, vulnerabilities we've discovered, and solutions that have proven effective under pressure.
> No-Fluff Content Standards
We cut through the noise. No marketing speak, no vendor pitches, no rehashed content from other blogs. If we publish it, it's because we believe it adds genuine value to the platform security community and can be applied immediately.
> Open Research Methodology
When we discover vulnerabilities or develop new techniques, we share our complete methodology. We include proof-of-concept code, detailed exploitation steps, and defensive measures so others can learn from and build upon our work.
> Community-Driven Learning
Platform security evolves rapidly. We stay current by actively participating in the security community, contributing to open source projects, and engaging with other researchers. Our content reflects the latest developments in the field.
$ cat team_commitment.txt
Our team is committed to raising the bar for security across the industry. We believe in pragmatic security that enables business objectives while protecting critical assets. Let's secure your platform together.
$ ./contact_team.sh
Initiating secure communication channel...
Connect with us at: [email protected]
$ _