Skip to content

What We Do

Skellman.io's work spans five core areas. Each reflects a different dimension of the same underlying goal: making security more accessible, more automated, and more clearly understood.

Cloud Security

Cloud environments move fast and misconfigure silently. A public S3 bucket, an overly permissive IAM role, or a security group with unrestricted ingress can persist undetected for months in a fast-moving infrastructure.

We research, document and build tooling around cloud security posture across AWS, Azure and GCP. This includes misconfiguration detection, IAM analysis, network policy review and security architecture patterns designed for cloud-native deployment models. The focus is always on what is actually exploitable in practice, not just what fails a compliance checkbox.

Security Architecture

Good security architecture reduces attack surface before a single line of application code is written. Retrofitting security onto existing systems is expensive and incomplete. Designing it in from the start is not.

We design and document security architecture patterns for modern systems, covering identity, network segmentation, secrets management, service boundaries and infrastructure layout. The goal is to give engineers and architects practical frameworks they can apply directly to their own environments, not abstract models that require translation.

Custom Tools & Automation

Manual security processes do not scale. Reviewing Terraform plans by hand, inspecting Dockerfiles manually, or parsing logs individually works at small scale and fails at large scale. Automation does not replace judgment; it creates space for it.

We build open-source tools that automate the repetitive, error-prone parts of security work. Static analysis for infrastructure-as-code, log normalization and timeline generation, container misconfiguration scanning. Each tool is designed to be fast, composable and honest about what it does and does not catch.

Technical Writing & Education

The best tool in the world is limited if the reasoning behind it is not documented. The best security architecture is hard to replicate if it is not explained clearly.

We produce in-depth technical content that explains security concepts, tooling decisions, and architecture patterns without unnecessary abstraction. Articles, guides, and documentation here are written for people who want to understand the why behind something, not just follow steps. We write at the level of depth the topic requires and no more.

Research & Experimentation

Not everything we build goes directly to production, and not every hypothesis turns out to be correct. We explore new areas in cloud security, emerging attack surfaces, and engineering approaches, and we publish findings openly, including the ones that did not work out as expected.

The field advances through honest inquiry. Treating research as a first-class part of the work means being willing to investigate, test, and share, even when the outcome is inconclusive.