No Bullshit.
Just AppSec that works.
AppSec that works enables developers.
Ready to face your AppSec challenges?
It does not matter if you are the dedicated AppSec lead, a security focused developer, or the CEO. If you are responsible for Application Security, or it has simply become your problem, you are in the right place.
The truth is: No single role can handle AppSec alone.
AppSec responsibility must be shared across roles and teams with clear accountability, backed by lightweight processes and actually useful tools.
I help you face your daily AppSec challenges with clarity and confidence. You need trust and security competence, not control.
Let's start with accountability.
The AppSec Ownership Model
We are all responsible for AppSec. Does that sound right to you?
Shared responsibility fails when it is not built on clear accountability.
I developed a practical AppSec Ownership Model to help you set clear expectations for each role. You can explore it on my blog.
- Understand which roles need to own which parts of AppSec.
- Dive into each role for clear responsibilities and boundaries.
- Learn how to bring in external expertise without losing independence.
Apply it to your context: Where is accountability currently missing?
Empowering through preparation, not limitation.
Am I YOUR AppSec Guide?
It’s pretty simple. If you’re only here to check boxes, please move on. If you want to build real resilience, then you’re in exactly the right place – and I’m glad you’re here. You need someone who doesn’t just talk about resilience. You need someone who lives it. I built my whole life around resilience.
I chose freedom over security when I embraced full-time overland travel in my old 4x4 Chevrolet Blazer. That means being ready to fix whatever comes my way. Whether the car breaks down, gets stuck, or I'm just really sick and need to recover somewhere remote.
On the road or in security, I know I won’t have all the answers right away. But I’ll figure it out, using the skills and tools I have to make the best of it.
It's your choice:
- Go the corporate route, hire the suit, buy tools you don’t need and check your boxes.
- Or work with someone who helps you build something that actually works in the wild.
For me, AppSec isn’t about limiting your freedom to build your vision. It’s about being prepared for the road ahead and keep moving.
Just like I constantly prep for the next off-road challenge by learning how to fix my rig, carrying the right gear, recovering when stuck, or leaning on my network when I need it – we’ll build your AppSec strategy to be just as ready for your next epic expedition in software.
Strong security relies on culture.
What can you expect?
This is not an all-inclusive holiday where you lie on the beach and get served cocktails. Remember, you're on a mission. You're bringing your vision to life through software. You need a guide – not a waitress.
So yes, this will be an adventure: pure, muddy, and wild. Together, we’ll build software that leaves a mark – just like the best adventures do.
I’ll meet you where you are.
With your tools. Your team. Your software. Your budget. It doesn’t matter whether you’re starting from scratch or looking to level up an existing AppSec program. We’ll build your individual AppSec strategy based on the core principles I discovered along the way, with full respect for your context.
We design processes that actually fit your workflow and team. We choose the right tools for your goals and your budget. And we tackle the most overlooked aspect of them all: your security culture. We won’t draft it on paper, write some policies, and forget about it. We’ll train it until it’s in your blood – until you live your security strategy.
Ready to explore the AppSec landscape?
Stop talking. Start building.