Background
I operate an independent cybersecurity advisory practice from Pärnu, Estonia. Originally from Finland. Seven years in the Nordic tech sector in offensive security and consulting roles at companies like WithSecure and CGI before going independent.
My background covers offensive and defensive work. Started in a SOC and then spent years in offensive operations leading target-oriented threat emulations and dedicated Purple Team engagements while working directly alongside defenders.
Before going independent, the focus stayed hands-on: deep-dive penetration tests, complex environment audits, and an embedded AppSec advisory role for major organizations. Time spent on on-call enterprise incident response added the other side of that picture.
Today that background shapes the work. The current focus is the Microsoft Cloud attack surface and how threat actors actually move through it.
Sectors worked in: Heavy Industry & Manufacturing, Financial Services, Telecommunications, Government & Critical Infrastructure, and large-scale Enterprise IT.
Founder & Principal Security Consultant
Every finding is something I can defend. If something is uncertain, it is flagged as uncertain rather than presented with false confidence. What gets delivered reflects what was actually found, not what makes the engagement look more thorough.
When you hire my practice, you get me.
Findings come with the explanation of why they matter, not just what was found. The goal is that your team understands the attack path well enough to take it to a CISO or a board without me in the room.