Hey, my name's Maxim.
Security & infra engineer based in
New York, NY
Currently at Teleport, working on identity governance and zero-trust infrastructure access solutions, mostly with Go and TypeScript day-to-day. Before that, I spent a few years on web apps, auth systems, and distributed infra.
Outside of work, you’ll usually find me at a club or concert, hiking upstate, thrifting in the city, or lost in classic sci-fi or philosophy.
Here, I yap about programming, security, and whatever else I’m thinking about.
Scoping access requests below the resource level
Closing the gap of resource-based access requests by pushing scope down past the resource gate, into the principal layer.
Cycle detection on a graph that doesn't exist yet
Cycle detection that runs against a live database and an in-memory request payload through the same code, by writing your validators against an interface that doesn't care which one it's walking.
Running linux-only-binaries-under-freebsd
Running Linux-only binaries under FreeBSD using its Linux binary compatibility tools and Jails