David Wolf's Projects

A product-security assessment of browser trust boundaries, privileged pages, native bridges, script-injection persistence, credential surfaces, and native command dispatch.

Building a scalable, evidence-driven product security function for a global enterprise software platform.

A control-architecture and evidence-readiness effort translating FedRAMP Moderate requirements into policy, standards, technical controls, operational procedures, and audit-ready proof.

A flagship research report turning AI security job-market noise into evidence about roles, skills, control gaps, hiring signals, and the emerging AI security engineering discipline.

A practical field handbook for turning AI security from policy language into executable engineering work, control evidence, and operator-ready workflows.

A compact methodology for connecting AI inventory, threat modeling, prompt injection, agent permissions, RAG authorization, AI supply chain, evidence, and governance.

A Splunk-based IAM monitoring and executive reporting project across Disney access-control and identity systems for campuses and offices.

A paid consulting engagement using LLM-assisted attack trees, MITRE ATT&CK mapping, ServiceNow asset inventory, enterprise architecture context, synthetic logs, and Splunk SPL detections.

Technical hospitality marketing, destination data, inventory normalization, and direct-booking support for independent hotels.

PCI DSS Level 3 scoping, gap analysis, and compliance program delivery for a forex trading and payment processing platform.

3x Salesforce Data.com Rainmaker recognition for OSINT-driven B2B contact mining, normalization, and ABM outreach campaign delivery for a performance advertising platform.

Clinical and cognitive-assessment technology delivery for Australian Defence Force-linked workflows, emphasizing data integrity, privacy, workflow reliability, evidence, and customer trust.

Technology leadership and ISO 27001 ISMS audit for an iGaming platform, spanning delivery ownership, platform operations, security-aware execution, and certification-readiness consulting.

A cyber-workforce research program featured at RSA Conference, bSides NYC, and Infosecurity Europe, translated into a talent-intelligence and ATS workflow layer.

A book about the stories that shape how people think, build, and govern AI security.

Implementing practical AI control evidence for ISO 42001, NIST AI RMF, AIMS, agent identities, permissions, red teaming, privacy, and output evaluation.

A Git-backed agentic software delivery system using workflow graphs, code remediation agents, evaluator agents, acceptance criteria, audit trails, issue linkage, and AI-assisted engineering controls.

A native AI sidecar architecture using Tauri, Rust, MITM proxying, WebSocket bridges, 160+ adapters, Apple-native APIs, VPN/network capabilities, and a dynamic capability mesh across devices and clients.

A compact, action-oriented field guide for AI security engineering practitioners working in fast-moving environments.

Large-scale connected-device analytics using Forescout Device Cloud, Elastic, Kibana, and security-research workflows to turn millions of device records into report-ready security evidence.

Device Cloud research on connected medical-device segmentation, insecure protocols, default credentials, legacy systems, and clinical-network exposure.

Device Cloud research identifying the riskiest IoT devices across financial services, government, healthcare, manufacturing, and retail.

Device Cloud research on financial-services device risk, flat networks, IoT/OT proximity, POS exposure, Windows lifecycle risk, and segmentation gaps.

Device Cloud and research-backed analysis of OT, IoT, industrial, unmanaged, and cyber-physical systems as enterprise attack surfaces.

Offensive security research into connected-device risk, enterprise exposure, and real-world exploitability, later featured in WIRED coverage.

A public security research program turning SIEM deployment analysis, cloud detection patterns, architecture innovation, and SOC maturity findings into RSA, Infosecurity Europe, and CloudNativeSecurityCon-ready narratives.

Architecture innovation work redesigning SIEM reference architectures, standardizing detection taxonomy, validating Exchange content, and turning hundreds of enterprise deployments into maturity patterns.

Linux Foundation / Cloud Native SecurityCon research on enterprise cloud detections, cloud SOC maturity, ATT&CK-aligned motives, and the growing importance of cloud-native telemetry in SIEM programs.

A three-framework workforce-development product suite combining EMPOWER psychometrics, CORE interview intelligence, RISE self-authoring, SCORM/xAPI/LTI packaging, university pilots, and AI-generated coaching reports.

A security response operating model for urgent product, customer, vulnerability, and research-driven risk events in enterprise device-security environments.

Leading product and engineering for a 2B-page open-source intelligence platform using high-throughput crawling, PostgreSQL-scale ingest, ML, NLP, clustering, search analytics, and graph visualization.

Technical marketing, ML-style multileg itinerary generation, and geographic waypoint and GDS inventory cleanup to support affiliate growth, search demand capture, and travel-content expansion.