I’m a Software Security Engineer at Block Inc., specializing in cloud-native security pipelines and application security.

Previously at Meta and Praetorian, I focused on building secure systems and contributing to the security community through research and open-source projects.

Latest Posts

# Breaking Isolation Boundaries: VM Escapes, Container Breakouts, and Sandbox Escapes

2026-04-05 14 min read

A deep technical analysis of 2025's most dangerous attack pattern — isolation boundary escapes. From vsock VM escapes to UNIX socket sandbox bypasses, understanding how attackers break out of…

containers linux kernel security Virtualization Sandbox VM Escape Exploitation

Read

# Seccomp-BPF: Confining Linux Processes at the Syscall Boundary

2026-02-23 23 min read

A deep dive into Linux seccomp-BPF — building syscall sandboxes from raw BPF filters to production-grade policies, with practical C examples and analysis of how Chrome, Docker, and systemd use…

containers linux kernel security Seccomp BPF Sandboxing Syscalls Hardening

Read

# eBPF for Security Monitoring: Kernel-Level Visibility Without the Overhead

2026-02-21 12 min read

A deep dive into using eBPF to build high-performance, kernel-level security monitoring tools — covering syscall tracing, network inspection, and intrusion detection with practical Python examples.

linux kernel security eBPF Observability BCC Intrusion Detection Syscall Tracing

Read

Tags

Latest Posts

# Breaking Isolation Boundaries: VM Escapes, Container Breakouts, and Sandbox Escapes

# Seccomp-BPF: Confining Linux Processes at the Syscall Boundary

# eBPF for Security Monitoring: Kernel-Level Visibility Without the Overhead