/* ============================================================ DATA — projects + case-study content + about content Realistic placeholder cybersecurity portfolio for Dylan Jeppesen. ============================================================ */ // muted warm tints used for placeholder plates (paper-family) const TINTS = { sand: "oklch(0.88 0.024 76)", clay: "oklch(0.74 0.05 48)", stone: "oklch(0.80 0.012 70)", olive: "oklch(0.80 0.03 120)", slate: "oklch(0.66 0.02 250)", ink: "oklch(0.40 0.015 60)", bone: "oklch(0.92 0.012 84)", rust: "oklch(0.62 0.07 42)", fog: "oklch(0.84 0.014 230)", }; const PROJECTS = [ { slug: "meridian", title: "Meridian Bank", kind: "Client Work", year: 2024, role: "Red Team Engagement", services: "Adversary Simulation", client: "Meridian Bank", partner: "Internal SOC. Detection Eng.", tint: TINTS.ink, cover: "ADVERSARY SIM / FULL-SCOPE", video: true, summary: "A six-week full-scope adversary simulation against a tier-one retail bank — from external footprint to the core payment switch.", lead: "We were asked one question: assume a motivated attacker has time and patience — how far do they get before anyone notices?", body: "The engagement began with no internal access and no prior knowledge beyond the bank's public footprint. Over six weeks the team moved from an exposed third-party portal to domain compromise, then laterally toward the payment authorisation environment. Every step was documented as a defendable narrative, mapped to detection opportunities the blue team had missed.\n\nThe value was never the proof of compromise. It was the timeline — a minute-by-minute reconstruction the SOC could replay against their own telemetry to find exactly where visibility broke down.", blocks: ["KILL-CHAIN TIMELINE", "INITIAL ACCESS / PHISH", "PRIV-ESC PATH", "DETECTION GAP MAP"], }, { slug: "helios", title: "Helios Health", kind: "Client Work", year: 2024, role: "Cloud Security Architecture", services: "Architecture", client: "Helios Health", partner: "Platform Eng. Compliance.", tint: TINTS.fog, cover: "ZERO-TRUST / MULTI-CLOUD", video: false, summary: "Re-architecting identity and network boundaries for a healthcare platform spanning three cloud providers and forty million records.", lead: "Patient data does not get a second chance. The brief was a security architecture that assumed breach by default.", body: "Helios had grown by acquisition — three clouds, four identity providers, and a network that trusted itself far too much. We rebuilt the foundation around explicit identity, workload-level segmentation, and an audit trail regulators could read without a translator.\n\nThe hard part was never the technology. It was sequencing the migration so that ten thousand clinicians never noticed the ground moving beneath them.", blocks: ["TRUST BOUNDARY MAP", "IDENTITY FEDERATION", "SEGMENTATION MODEL", "AUDIT PIPELINE"], }, { slug: "northwind", title: "Northwind Grid", kind: "Client Work", year: 2023, role: "OT / ICS Assessment", services: "Critical Infrastructure", client: "Northwind Energy", partner: "OT Engineering. Safety.", tint: TINTS.olive, cover: "OT / ICS — SUBSTATION", video: true, summary: "A safety-first security assessment of substation control systems for a regional energy operator.", lead: "In an environment where a wrong packet can trip a grid, the rules of engagement matter more than the findings.", body: "Operational technology does not forgive the habits of corporate pentesting. Working alongside the engineers who keep the lights on, we mapped the boundary between the business network and the control plane, then probed it with surgical care.\n\nThe deliverable read less like a vulnerability report and more like a field guide: what to fix, what to monitor, and what must never be touched while the turbines are spinning.", blocks: ["NETWORK PURDUE MODEL", "PROTOCOL ANALYSIS", "SAFETY ENVELOPE", "REMEDIATION ROADMAP"], }, { slug: "vantage", title: "Vantage Pay", kind: "Client Work", year: 2023, role: "Application Pentest", services: "Offensive Security", client: "Vantage Pay", partner: "Product Eng.", tint: TINTS.clay, cover: "PAYMENTS / API SURFACE", video: false, summary: "Continuous penetration testing across a fast-moving payments API handling millions of daily transactions.", lead: "Ship velocity and security are not opposites — but only if testing moves at the same speed the product does.", body: "Vantage shipped multiple times a day. A point-in-time pentest would have been stale before the report was signed. Instead we embedded testing into their release rhythm — every meaningful change met an adversary before it met a customer.\n\nWe found the flaws that scanners never will: the business-logic gaps where a legitimate sequence of requests becomes theft.", blocks: ["AUTH FLOW REVIEW", "BUSINESS-LOGIC ABUSE", "RATE-LIMIT BYPASS", "CI/CD GATE"], }, { slug: "orbit", title: "Orbit Logistics", kind: "Client Work", year: 2022, role: "Zero-Trust Rollout", services: "Architecture", client: "Orbit Logistics", partner: "IT. Endpoint.", tint: TINTS.stone, cover: "ZERO-TRUST / ENDPOINT", video: false, summary: "Retiring the corporate VPN for a global logistics workforce in favour of identity-aware access.", lead: "Fifteen thousand people, forty countries, and a VPN concentrator that was one outage away from stopping the trucks.", body: "The flat, trusted internal network was a liability that had quietly become load-bearing. We replaced it with identity-aware proxies and device posture checks, then decommissioned the VPN one application at a time.\n\nSuccess was invisible: nobody filed a ticket, and the attack surface quietly collapsed.", blocks: ["ACCESS POLICY MODEL", "DEVICE POSTURE", "APP-BY-APP CUTOVER", "VPN SUNSET"], }, { slug: "ghostwire", title: "Ghostwire", kind: "Personal", year: 2024, role: "Open-Source Tooling", services: "Research & Tooling", client: "Open Source", partner: "Community.", tint: TINTS.slate, cover: "C2 DETECTION / OSS", video: true, summary: "An open-source library that turns noisy network telemetry into legible command-and-control signals.", lead: "Defenders drown in logs. Ghostwire is an attempt to give them a quieter, sharper signal.", body: "Built in the open over a year of evenings, Ghostwire models the rhythm of beaconing malware and surfaces the patterns hidden inside ordinary traffic. It ships as a small, dependency-light library so a team can drop it into the pipeline they already have.\n\nThe project has become a small community — pull requests from defenders who found a new pattern in the wild and wanted to share it.", blocks: ["BEACON MODEL", "JITTER ANALYSIS", "DETECTION RULES", "PUBLIC BENCHMARK"], }, { slug: "phantom", title: "Phantom", kind: "Personal", year: 2023, role: "Supply-Chain Research", services: "Research & Tooling", client: "Independent", partner: "Disclosure.", tint: TINTS.rust, cover: "SUPPLY-CHAIN / RESEARCH", video: false, summary: "A research project tracing how a single compromised build dependency can quietly reach thousands of downstream projects.", lead: "The most dangerous code is the code you never decided to trust — you simply inherited it.", body: "Phantom started as curiosity about how far a malicious package could travel before anyone noticed. It became a methodology for mapping trust in the modern software supply chain, and a set of disclosures handled quietly with the maintainers affected.\n\nThe work was eventually presented as a talk, with all proof-of-concept code held back until fixes had shipped.", blocks: ["DEPENDENCY GRAPH", "TRUST PROPAGATION", "POC SANDBOX", "COORDINATED DISCLOSURE"], }, { slug: "nullroute", title: "Nullroute", kind: "Personal", year: 2022, role: "CTF Platform", services: "Research & Tooling", client: "Community", partner: "Volunteers.", tint: TINTS.sand, cover: "CTF / PLATFORM", video: false, summary: "A capture-the-flag platform and a set of original challenges run for a community of learning hackers.", lead: "You learn to defend a system by spending real time inside one that wants to be broken.", body: "Nullroute is the platform I wish I had when I started — original challenges, clean infrastructure, and write-ups that explain the why rather than just the flag. It runs a few times a year for a growing community.\n\nDesigning challenges turned out to be the best security education I have ever had.", blocks: ["CHALLENGE DESIGN", "ISOLATED INFRA", "SCOREBOARD", "WRITE-UPS"], }, ]; // ---- About page content ---- const DISCIPLINES = [ { n: "01", title: "Network Security", tint: TINTS.ink, label: "NETWORK / ACCESS", body: "Hardening networks, access boundaries and security policy so the right traffic gets through and the wrong traffic stays out. I like work that is measurable, operational and easy to defend in production.", }, { n: "02", title: "Cisco ISE / Identity", tint: TINTS.fog, label: "ISE / POLICY", body: "Identity, authentication and access control — especially the operational side of Cisco ISE and NAC. The goal is policy that teams can actually run, not just admire in a diagram.", }, { n: "03", title: "Cloud Security & Labs", tint: TINTS.slate, label: "CLOUD / LABS", body: "Building hands-on depth in cloud security and lab environments so concepts get tested against reality. I care about the gap between a clean slide deck and a system that survives contact with users.", }, ]; const CLIENTS = ["CCNP Security", "CCNA", "CDPF", "IT Management", "Cisco Denmark"]; const PARTNERS = ["Cisco ISE", "OWASP", "First.org", "BSides", "Security community"]; const ABOUT_STORY = "I started in IT management and worked closer and closer to the infrastructure until security became the part that mattered most. Along the way I kept picking up practical depth in systems, networks and the messy operational work that keeps them usable.\n\nThese days I focus on the areas where architecture and reality meet: network security, identity, access control and cloud security. I like security work that is simple enough to operate, strict enough to trust, and useful to the people who have to live with it."; Object.assign(window, { PROJECTS, DISCIPLINES, CLIENTS, PARTNERS, ABOUT_STORY, TINTS });