About Us
$ navigate_to_section
# Our Origin Story
Platform Security is a community. It came about because we kept running into other practitioners wrestling with the same problem: how to secure platforms without slowing developers down. Instead of everyone reinventing the same playbook in isolation, we built a place to share what works, learn from each other, and push platform security forward in the open.
The people behind it had lived the problem—embedded between the platform team and developer experience, building a security function that spoke both languages. The mandate was simple but hard: design infrastructure where many developers could ship quickly without turning the platform into something fragile.
We learned quickly that buying another tool wasn’t the answer. What worked was treating security as a first-class property of the platform itself: secure defaults, paved roads, opinionated guardrails, and feedback that met engineers where they actually work—in CI pipelines, in templates, and in their everyday workflows.
When we stepped back, we realized the problems we’d been solving weren’t unique. Every organization was quietly reinventing the same platform security patterns, often from scratch and almost always under pressure. We decided to turn that internal playbook into an open mission and share how to build secure platforms in public.
Platform Security exists to close that gap. We publish research, share methodologies, and maintain a space where practitioners can compare notes and raise the bar. The goal is the same as it was from the start: give engineers a platform they can trust, and give security teams the leverage they need to keep up.
# Team
> Platform Security Engineer
Matthew Keeley is a distinguished security engineer and researcher with over a decade of experience in platform security, AI-driven vulnerability research, and security automation. Matthew has been instrumental in building secure-by-default platform architectures and discovering critical vulnerabilities that have shaped industry security practices.
Matthew founded Platform Security to share practical field experience and cutting-edge research with the security community. His work has led to the discovery of over 20 CVEs, development of automated vulnerability detection systems, and pioneering research in adversarial AI testing. He regularly contributes to open source security tools and shares methodology through detailed technical write-ups.
Connor Laidlaw
$ Research Advisory Board
> Application Security Engineer
Connor Laidlaw is an application security engineer with a strong track record of anticipating how threat actors will attempt to abuse critical applications and engineering the defenses needed to keep them resilient. He has led efforts to integrate AI into traditionally time-consuming security workflows such as SAST and SCA, and has developed highly context-aware offensive security agents that surface subtle, real-world attack paths.
Connor has helped design the protections that keep applications online during Taylor Swift–scale launch events by proactively identifying sophisticated automation and botting strategies before they hit production. He has uncovered multiple zero-day vulnerabilities in major vendor platforms by reversing live traffic patterns that bot authors were abusing, and translated those insights into durable detection and mitigation controls for high-traffic, high-risk environments.
> Binary Exploitation & Malware Analysis
Nathan Smith is a binary exploitation expert and vulnerability researcher specializing in reverse engineering, low-level systems analysis, and automated malware detection. His research focuses on discovering critical vulnerabilities in complex systems and developing tools for automated threat analysis. Nathan contributes deep technical expertise in embedded systems security and critical infrastructure protection.
Nathan has discovered multiple zero-day vulnerabilities through advanced binary analysis techniques and contributes to open-source security tools used by researchers worldwide. His work on automated malware analysis and embedded systems security provides practical insights for securing critical infrastructure and complex platforms.
> Offensive Security Research & Tool Development
Alexander Aviles is a cybersecurity researcher specializing in offensive security tooling and post-exploitation framework development. With a B.S. Computer Science (Cybersecurity) from Arizona State University, graduating Summa Cum Laude, Alexander has contributed to cutting-edge research in command and control (C2) frameworks and red team operations. His work includes developing Eshu, a framework for managing compromised systems through live implants, and Ender, a modular exploit engine for cross-platform migrations.
Alexander's research focuses on practical offensive security applications, having achieved First Place in TryHackMe's Sapphire League and ranking in the top 7% of users. His technical expertise spans Python development, Docker containerization, and vulnerability research, with published work on system architecture and operational security methodologies. Alexander is currently pursuing an M.S. Computer Science (Cybersecurity) while simultaneously studying for his Offensive Security OSCP certification. He brings both academic rigor and hands-on experience to the team's research initiatives.
Tomas Bonner
$ Research Advisory Board
> Financial Systems Security
Tomas Bonner researches security architectures for financial systems, focusing on banking infrastructure, payment networks, and fintech platforms. His research expertise spans threat modeling for financial environments, fraud detection systems, and security frameworks that balance regulatory compliance with innovation. Tomas contributes insights on securing emerging financial technologies and distributed payment systems.
Tomas has developed innovative threat modeling approaches for financial systems that have become reference methodologies in the industry. His research on securing emerging financial technologies and distributed payment systems provides practical guidance for implementing robust security controls in rapidly evolving financial environments.
> Cloud Security Researcher
Austin Ballard is at the forefront of cloud security innovation, pioneering new methodologies for securing complex multi-cloud environments. His groundbreaking research into cloud infrastructure vulnerabilities has revealed critical security gaps affecting thousands of organizations worldwide. Austin's expertise spans AWS, Azure, and GCP platforms, where he has developed specialized techniques for identifying misconfigurations and security flaws that traditional scanning tools miss.
Austin specializes in cloud security architecture and containerization security. His research has revealed significant vulnerabilities in common cloud misconfigurations that affect thousands of organizations. He's developed methodologies for securing multi-cloud environments that balance security with operational efficiency, helping companies maintain robust security postures as they scale their cloud footprint.
# Certifications & Expertise
Our team holds industry-leading certifications that demonstrate our expertise and commitment to maintaining the highest standards in cybersecurity.
$ cat team_commitment.txt
We’re committed to raising the bar for platform security in the open. Pragmatic security that enables builders while protecting what matters. Join the conversation.
$ ./contact_team.sh
Initiating secure communication channel...
Reach the community at: contact@platformsecurity.com
$ _