Hi, my name is

Ari Kalfus

I am a security leader, security engineer, and penetration tester who tricks companies into letting me run application and product security programs.

About Me

I am a security engineer and penetration tester currently leading Product Security at DigitalOcean. I strongly believe that security programs are only effective if they enable partners in product and engineering, instead of adding friction or blocking gates.

I write about security, software development, leadership, and other topics that interest me.

Notable Open Source

Active Community Ansible DevOps
An Ansible role to install and configure a Tailscale node.
GitHub OIDC + HashiCorp Vault
Terraform Authentication Authorization
GitHub OIDC + HashiCorp Vault
A Terraform module to configure Vault for GitHub OIDC authentication from Action runners.

Get in Touch

I am not currently seeking new job opportunities. If you are interested in reaching out for another reason, I’d be happy to chat.