I quit waiting for someone else to build the thing I needed.
For twenty years I've watched small organizations — government contractors, healthcare providers, critical infrastructure operators — get caught between two options: enterprise security tooling they can't afford, or nothing at all.
The enterprise stack costs six figures. It takes a team of twelve to deploy. It assumes you have a SOC, a SIEM, a dedicated compliance officer, and a budget that doesn't make your CFO cry.
Most organizations have none of that. So they run with nothing. Maybe an antivirus license and a prayer.
I'm building the third option.
What It Is
Zero Day Security (ZDS) is a full security operations platform designed for the organizations that the enterprise vendors forgot.
One platform. One deployment. Everything an organization needs to actually defend itself:
- Vulnerability scanning — know what's exposed before an attacker does
- EDR integration — pull endpoint telemetry from the agents you already run
- Incident management — detect, investigate, respond, document
- Compliance automation — NIST 800-171, CMMC Level 2, OSCAL exports that auditors can actually read
- Threat intelligence — ingest feeds, correlate IOCs, know what's hunting you
- Attack path analysis — see how an attacker chains vulnerabilities to reach crown jewels
- Identity threat detection — catch credential abuse before it becomes a breach
- External attack surface monitoring — know what you look like from the outside
This isn't a dashboard that shows you pretty graphs. This is the platform that does the work.
Why Solo
Because nobody else was going to build it.
I spent two decades in security. I've seen what works and what doesn't. I've watched vendors sell shelfware to organizations that needed real protection. I've watched compliance become a checkbox exercise instead of an actual security posture.
The problem isn't that the technology doesn't exist. The problem is that it's locked behind contracts, sales calls, and price tags that start at "call us."
So I'm building it myself. Every package. Every test. Every line.
Is that the smart way to do it? Probably not.
Is it getting done? Yes.
The Stack
Go. SQLite for portability. PostgreSQL when you need scale. HTMX dashboard because nobody needs another React app for a security tool.
No Kubernetes. No microservices. No twelve-factor ceremony. One binary. Deploy it. Use it.
The security industry has a complexity addiction. Every vendor adds layers because layers justify pricing. ZDS strips that out. You shouldn't need a platform team to run your security platform.
Where It Stands
The platform is built. Not "MVP built" — built built. The kind of built where you run the test suite and everything passes. The kind where the OSCAL export actually validates against the NIST schema.
What's next is production hardening. Real-world deployments. The unsexy work that turns software into a product.
What I'm Writing About
I'm going to document this build in public. Not the sanitized version — the real one.
- How to design a security platform that doesn't require a team of twelve to operate
- Integration patterns for EDR vendors who don't want you integrating with them
- What NIST 800-171 actually requires vs. what compliance vendors tell you it requires
- Building AI-driven security tooling that isn't just a ChatGPT wrapper with a vulnerability database
- What it's like to build something this big alone and why I keep going
If you're a security engineer, a compliance professional, a solo founder, or just someone who thinks the security industry is broken — follow along.
This is Zero Day Security.
This is what I'm building.
I'm Saint Zero Day — GWOT veteran and security engineer. Find me here on DEV at @saintzeroday or on GitHub.
If you're interested in what I'm building with Notion MCP, check out SaintChain — a tamper-proof security blockchain inside Notion.