About Me

I’m a computer scientist in Massachusetts with graduate education and 15 years security-relevant industry experience. I’ve worked hands-on with things like static program analysis, symbolic execution, abstract interpretation, compiler and interpreter development, fuzzing and property-based testing, and appsec review.

Since 2021, at Praetorian, I’ve been creating purpose-built tools (like Nosey Parker) imbued with modern machine learning technology to empower security operators. This “full-stack ML development” — including dataset curation, model training and evaluation, inference optimization, and deployment — has made me pragmatic. ML systems can be amazingly powerful, but come with numerous reliability, security, and ethical hazards.

I love building tools that people use, and I deeply value craftsmanship. I’ve done my very best work when I’m directly involved with the entire product life, including ideation, development, distribution, and working with users to understand their problems and make them successful.

My professional interests focus on making software better, based on the thesis that computers can be leveraged dramatically more than they are today to aid in constructing software that works as intended. This involves things like building correct-by-construction libraries, scaling program analyses to real software, applying fuzzing and property-based testing to existing code, and integrating machine-based checks into the software development process. Imagine—software that works!

You can find a PDF of my resume here. I’ve also written and presented several peer-reviewed publications over the years.

Elsewhere

I’m active on GitHub as @bradlarsen. I sometimes post on Mastodon. You can email me too.

I grudgingly have a LinkedIn account.