Current Web application development methodologies assume that developers understand the entire application, and can add security checks to their code. This does not scale to large applications, where understanding the entire codebase is cost-prohibitive. A promising approach is to forgo traditional checks for and tag
sensitive data with security policies that are automatically enforced. We are implementing data flow assertions as a Ruby on Rails plugin that does not assume infrastructure changes. I am developing Rails applications that will be used to benchmark the codes effectiveness, and using my knowledge to improve our plugins APIs.

I have worked at Palantir Technologies in the Quality Engineering group and collaborated with the Automation group. I have worked at ESI in the software engineering division to generate and model system control algorithms. I have worked on teams that ship products globally, both at ESI and Palantir, and have worked to international
requirements.