Laurence Avent

Security Engineer · Founder · Exeter, UK

Security engineer with 5+ years across SIEM, incident response, detection engineering, and application security — embedded in product teams where I triaged real alerts, tuned real detection rules, and led response to real incidents including Log4Shell. Frustrated by the gap between what security teams need and what existing tools deliver, I founded Arbiter Security and built two AI-native products from scratch in Rust, exposed as MCP servers for AI agent orchestration. One finding has been responsibly disclosed to Anthropic; another to Cloudflare. I ship code, I understand attacker behaviour, and I know what matters when a SOC is under pressure.

Ask the CV directlyPowered by Claude
~/laurence $ chat --cv

Streaming chat trained on my work history, skills, and projects. Ask about Log4Shell, Arbiter’s state graph, the Encord SOC 2, or anything else worth a question.

ESC to close
Download PDF/CV_Laurence_Avent_Founder_2026.pdf

01Skills

Languages
TypeScript · Node.js · Rust · Python · Elixir · Go · SQL · Shell
Security
Detection engineering · incident response · threat modelling · pen testing · vulnerability research · SAST/DAST
Platforms
Rapid7 InsightIDR · CrowdStrike · Drata · AWS Security Hub / GuardDuty · GCP SCC · DataDog
AI & infra
MCP protocol · agent orchestration · LLM security · AWS · Terraform · CI/CD

02Selected projects

Arbiter

Closed source · Rust · 267 MCP tools

AI-native offensive security platform. MCP-driven vulnerability scanner that models web applications as state graphs and uses constraint inference to discover and verify vulnerabilities across 52 classes — XSS, IDOR, HTTP smuggling, cache poisoning, race conditions. Every finding is verified in a real browser with full evidence chains. 100% detection on Google’s Firing Range (85/85). Real-world finds responsibly disclosed to Anthropic and Cloudflare. 468K lines of Rust, 7,800+ tests.

Aletheia

Closed source · Rust · 140 MCP tools

Binary analysis platform with concolic falsification. Disassembles PE/ELF/Mach-O across four architectures, lifts to a 43-opcode IR, constructs SSA, decompiles to typed C. Runs binaries concretely while maintaining a sparse symbolic shadow over tainted variables, then uses SMT solving to construct concrete exploit witnesses — eliminating false positives architecturally. Hybrid fuzzing, taint analysis, and scanning across 14 CWE classes with CVSS scoring, MITRE ATT&CK mapping, and SARIF output. 2,800+ tests.

Tightrope Tracker

Open source · civic · public API

Live civic dashboard tracking UK fiscal constraint across four pillars — market stability, fiscal headroom, labour resilience, growth delivery — derived from OBR, ONS, BoE, and DMO data. Interactive what-if simulator, embeddable widgets, public JSON API, automated OG image generation. Featured on ITV’s Peston alongside Robert Peston and Jeremy Hunt. Built for Looking For Growth UK.

Forgemax

Open source · V8 sandbox · LLM/MCP

Open-source V8 sandbox for secure LLM-to-MCP tool execution. Up to 99% token reduction, scaling to ~5,000 tool connections without context pollution.

Narsil MCP

Open source · Rust · 90 tools

Code-intelligence MCP server. Taint analysis, SBOM generation, 32-language support. Published on crates.io, Homebrew, and npm.

Krait

Open source · Elixir/OTP + Rust

Self-evolving AI agent with AST-based security validation and cryptographic mutation auditing.

FixingBritain.com

Open source · civic

Open-source platform analysing UK structural policy challenges. Part of the civic-tech ecosystem alongside Tightrope Tracker.

03Experience

Information Security Engineer

Edmentum·Apr 2024 – Present · Remote, UK

  • Own SIEM operations on Rapid7 InsightIDR — build and tune custom detection rules, triage alerts, manage incident-response workflows across the organisation.
  • Led response to an active Storm-1811 / Black Basta-style vishing campaign — identified attack pattern, coordinated cross-team containment, implemented preventive controls.
  • Built an internal MCP registry and led the security evaluation for the GitHub Copilot Enterprise rollout: threat modelling, access controls, policy, governance framework.
  • Embed with product teams for security design reviews and secure coding practice.
  • Configure and manage AWS security services — GuardDuty, Security Hub, Lambda-based automated remediation.
  • Drive the SOC 2 compliance programme through Drata; coordinate third-party penetration testing engagements.

Focus / SIEM · detection engineering · incident response · AI/LLM security · AWS · SOC 2

Security and Compliance Engineer

Encord (YC 2021)·Nov 2022 – Nov 2023 · Remote, UK

  • Configured GCP Security Command Center and Cloud Armor WAF rules for OWASP Top 10 protection.
  • Collaborated with product on multi-cloud storage integrations across Azure, GCP, and AWS.
  • Managed inbound vulnerability disclosures; triaged reports from external researchers.
  • Implemented secure SDLC practices — security requirements, design reviews, automated testing.

Focus / GCP security · threat modelling · pentest · secure SDLC

Security Engineer (Support Engineering entry point)

Kobalt Music·Feb 2021 – Nov 2022 · London, UK

  • Founded the Security Incident Response Team from scratch — identified the organisational gap, built the business case, recruited responders, delivered an operational SIRT.
  • Led the emergency response to Log4Shell (CVE-2021-44228), coordinating cross-team remediation under pressure across production services.
  • Discovered and remediated a WAF bypass vulnerability through independent security testing.
  • Implemented OpsGenie alerting and DataDog monitoring; drove preventive improvements from root-cause analysis.

Focus / incident response · SIRT · vulnerability discovery · security monitoring

Support Engineer — Enterprise InfoSec GRC

Reciprocity (now ZenGRC)·Jul 2019 – Jan 2021 · Ljubljana, Slovenia

  • Technical support for 250+ enterprise customers on a GRC platform comparable to Drata and Vanta.
  • Influenced the product roadmap through structured customer feedback on security workflow UX.
  • Debugged complex integration issues across REST APIs, SSO/SAML, and role-based access control.

Focus / enterprise security · product feedback loops · SSO/SAML · REST APIs

Earlier career

Various·2011 – 2019

  • Paralegal work (compliance and regulatory detail), data analysis and BI (SQL, reporting, stakeholder communication), and enterprise customer operations. Built the communication skills, commercial awareness, and operational understanding that still inform the security work and product thinking today.

04Education

2:1 BSc (Hons), Marine Studies (Merchant Shipping)

University of Plymouth·2007 – 2011

Global positioning systems, problem-solving in the marine environment, maritime communications, critical systems analysis.

05Direct

Location
Exeter, UK
GitHub
github.com/postrv
LinkedIn
linkedin.com/in/laurence-avent