I direct AI to build governed tools for compliance, monitoring & IT operations.
Twenty-six years hands-on across systems, networks, storage, disaster recovery, code and cloud — now spent building AI that can safely help run production infrastructure.
I apply existing foundation models — I don't train them. The value isn't the model; it's the guardrails, evidence, and human-in-the-loop wrapped around it.
Every system here — and this page — built by directing Claude CodeContext and imagination are the multiplier.
Early in my career someone handed me the old warning: "jack of all trades, master of none." It never sat right — I like understanding how the whole machine fits together, not living inside one command line all day. Turns out that quote is only half finished. The full version is a compliment: "…but oftentimes better than a master of one."
That missing half is the whole point. For standard, well-defined work, cheap AI models now perform about as well as the expensive frontier ones — squeezing cost out of AI is already table stakes. The real advantage moved somewhere else: context plus imagination. Frontier models can reason brilliantly, but they don't know your business. Your staff do. Give the people holding years of institutional context real models and permission to experiment, and they stop doing old tasks faster and start defining tasks that simply weren't possible before.
That's exactly where a generalist shines: the person who understands networks and storage and code and the business is the one who can imagine what to build next — and then actually build it, with AI as the multiplier.
The proof is the method
I'm not a career software engineer — I've never held the title. I'm an infrastructure generalist who directs AI to build real, governed systems. Every project on this page, and the page itself, was built with Claude Code — I bring the architecture, the domain context, the guardrails and the judgment about what's safe to ship; the AI writes the code. That isn't a caveat. It is the thesis — context plus imagination, with AI as the multiplier — demonstrated in working software you can open and use.
Agentic Compliance Engine
A governed AI operations command center: an AI layer that watches live infrastructure, reasons about what it sees with evidence, and takes bounded, human-approved action — without creating new security, compliance, or control problems.
⚠ Demo only · illustrative data
ace.mbfromit.com
ACE — the control plane, not the model
Built on existing foundation models and wrapped in guardrails so AI can safely help operate production systems.
Design it, ship it, monitor it, recover it.
I don't just prototype. The systems here run on real infrastructure I own and operate.
Governed AI tools I've built.
Two I can explain in a sentence and you can pick apart yourself — both aimed squarely at software-supply-chain security, both built by directing Claude Code.
RatCatcher
AI-builtA cross-platform PowerShell forensic scanner that hunts a real npm supply-chain compromise across a machine's full kill chain — then has an AI triage every finding, so what reaches the dashboard is real threats, not noise. Confirmed hits require a named manager sign-off, creating an audit trail.
SBOM-Mapper
AI-builtA client-side SBOM visualizer that parses dependency manifests, cross-checks every package against OSV.dev for known vulnerabilities, and draws the dependency graph — with optional AI remediation guidance. Everything runs in the browser; the container is a hardened, read-only static host with an SSRF allowlist.
A working platform, not a portfolio of demos.
Behind the flagship is a real home-lab platform I design, direct and operate end-to-end. An AI Gateway proxies every app's model traffic through one governed choke point for cost tracking, usage analytics and compliance. A fleet of read-only MCP servers — fronted by one router — lets AI agents read and reason about the DevOps toolchain (CI, git, deploys, artifacts, monitoring) but never mutate it. Around them runs a full k3s cluster, CI/CD pipeline and disaster-recovery stack, plus experiments like DeepThink and OpenBrain agent memory. The point isn't any one repo — it's that I live in the whole loop.
Bring AI into real operations — safely.
Govern AI adoption
Guardrails, policy gates and human-in-the-loop so teams can use powerful models without opening security, compliance or control gaps.
AI observability & cost control
One choke point for model traffic — spend per app and per user, full prompt/response audit, and analytics that make adoption defensible.
Help IT run its own systems
Turn 26 years across infrastructure into AI tools your existing staff actually use — monitoring, incident response and disaster recovery included.