cat ~/joe/services.md

# small engagements. clear scopes. real deliverables.

joe's honeypots

[beta]

managed deception infrastructure. every interaction is a high-fidelity signal — because nothing legitimate should ever touch them.

[t-pot][opencanary][custom decoys]
$ man honeypots — who this is for
  • small teams that want enterprise-grade tripwires without running them
  • environments where alert fatigue has killed every other detection
  • pre-incident posture work — you want to know before, not after

light pentesting

[available]

scoped external and web app assessments. clear, reproducible reports. no boilerplate, no vuln-scanner cut-and-paste.

[manual review][burp / caido][nuclei][custom tooling]
$ man pentest — who this is for
  • a fresh perspective before a soc2 / iso renewal
  • pre-launch reviews for a new product surface
  • targeted reviews when something feels off but you can't name it

compliance audit

[available]

gap analysis against soc2, hipaa, cmmc, iso 27001 — focused on what actually moves the needle, not just the checklist.

[soc2][hipaa][cmmc][iso 27001][nist 800-53]
$ man compliance — who this is for
  • teams who got a control framework dropped on them and don't know where to start
  • companies preparing for a first audit — i'll tell you what real auditors look at
  • organizations who want a sanity check before paying for the real one

cloud security review

[available]

azure, aws, or m365 posture review. policy-as-code remediation paths, not pdf reports that die in a sharepoint.

[azure][aws][m365][terraform][policy-as-code]
$ man cloud-review — who this is for
  • rapid growth led to a cloud estate nobody fully owns
  • identity and access bloated past the point of being auditable
  • cost guardrails and security guardrails fighting each other

# how i work, regardless of engagement

1. intro call (30 min). free. we figure out if i'm the right fit.
2. scope doc. one page. signed. covers rules of engagement, blast
   radius, and what "done" looks like.
3. engagement. async-first. weekly written check-ins. no surprise pdfs.
4. deliverable. plain markdown + a working remediation path.
5. 30-day q&a window. you read it, you have questions, i answer.
  
$ ./start-engagement.sh →