About

Welcome to my blog! My name is Kostiantyn, and I’m a Software Craftsman from Ukraine with a focus on developing and automating modern security solutions that help optimize a company’s security-related costs.

I have hands-on experience that includes, but is not limited to:

  • Windows security hardening, from Kerberos to configuring AD group policies to accommodate CIS requirements for OS, applications, etc.
  • SIEM/SOC-related practices, from agent configuration on Windows/Linux hosts to creating reports for Windows Defender EDR or configuring DLP with Windows Defender EDR capabilities.
  • Understanding Windows OS internals, primarily in C/C++ related to the Windows OS, memory dump analysis, etc.
  • AppLocker/Windows Firewall/other security configuration and support for large enterprises.
  • Understanding Windows Kernel mode and writing Windows drivers.
  • Understanding Attack Techniques and Defensive Security Approaches
  • Network protocols and firewall configuration.
  • Creating DevOps approaches to deliver security through CI/CD processes in modern ways.
  • Authentication solutions (creating custom modifications of authentication flows).
  • Keycloak (from source code understanding to writing custom SPIs).
  • Creating Solution Architectures (mostly related to AuthN/AuthZ).
  • Managing Dev and DevOps teams.
  • Kafka
  • Gatling (performance testing)
  • Docker
  • Git
  • Architectural patterns (SAGA, CQRS, Outbox, etc)
  • Different type of authorization including Distributing Authorization with sidecar containers / OPA / rego policies
  • etc

I can read and understand source code written in different languages (including code created by companies like Google/Microsoft and so on):

  • C/C++
  • C#
  • Java
  • JavaScript/TypeScript
  • Python
  • Golang
  • PHP
  • Perl
  • PowerShell

I’m also familiar with various modern cloud related technologies such as:

  • AWS
  • Kubernetes
  • Grafana
  • helm
  • Prometheus and so on

Currently, I work in the financial sector as the Architector and Lead of Dev/DevOps teams, primarily involved in developing and creating security solutions.

With nearly 20 years of experience in the IT field, I use this blog to share my thoughts and insights, aiming to offer something interesting for both newcomers and experienced IT enthusiasts.