▍ About
Operator first. Trainer second. Vendor never.
I run small businesses through the same playbook I use myself — what's working right now, what burns budget, and what to leave alone.
I started teaching after a decade of building, breaking, and fixing systems inside fast-moving businesses — e-commerce, SaaS, services, agencies. Every founder I talked to had the same three problems: AI was either invisible or out of control, marketing felt like spray-and-pray, and ops quietly leaked margin every quarter.
The trainings exist to fix that — fast, free, and in person. I don't sell software. I don't take vendor referral fees. Every tool I recommend is something I use or have used in production. Every attack I demonstrate is one I've seen hit a real business.
The format is deliberate: live demos, real tools, a working output before you leave the room. Not a slide deck. Not a webinar. If the session doesn't change how you work on Monday, it failed.
For teams that need this work done inside the business, consulting runs through Exclusive Medias.
▍ Domain expertise
What I actually know how to do.
AI deployment
Designing and securing LLM workflows inside small business operations — from prompt policy to vendor risk assessment.
Offensive security
Running controlled attack demonstrations (credential stuffing, phishing, prompt injection, BEC) to make abstract threats concrete for non-technical audiences.
Marketing systems
Building compounding content engines and lead pipelines. Content → capture → nurture → booking. Wired up live, not just diagrammed.
Process design
Applying Theory of Constraints to find and break the real bottleneck. Five patterns that account for 80% of SMB operational drag.
Revenue ops
Building the data layer under sales and marketing — attribution, pipeline visibility, and the weekly 10-minute review that replaces the quarterly all-hands.
Technical education
Making complex systems legible to non-technical owners without dumbing them down. The goal is capability transfer, not dependency creation.
▍ The stack
Tools I use and teach. Nothing I don't run in production.
AI
Claude / ChatGPT / Gemini
Drafting, reasoning, Q&A on internal docs
Cursor / GitHub Copilot
Code generation and internal tooling
Make / n8n / Zapier
Connecting AI outputs to business workflows
Ollama + local models
Air-gapped deployments for sensitive data
LangChain / LlamaIndex
RAG pipelines over internal knowledge bases
Security
Burp Suite
Web app attack demonstrations
Metasploit (demo-only)
Live attack walk-throughs in sessions
1Password / Bitwarden
Team credential management rollouts
Cloudflare / DMARC tools
Email domain hardening, SPF/DKIM/DMARC
CrowdStrike / Malwarebytes
Endpoint protection for SMB environments
Marketing
Twilio / SendGrid / Resend
Email automation and list segmentation
Google Analytics 4
Attribution and conversion tracking
Webflow / Framer
Landing pages and lead capture
Meta + Google Ads
Paid amplification of proven organic content
Ahrefs / SEMrush
Content gap analysis and keyword research
Operations
Notion / Confluence
Process documentation and team wikis
Linear / Asana
Task and project management
Make / n8n
Workflow automation and system integration
Loom
Async documentation and SOP recording
Airtable / Google Sheets
Lightweight ops dashboards and metrics
▍ The approach
How every session is structured.
Make the threat or opportunity real
Live demonstrations, not slides. You watch credential stuffing happen, or watch a lead pipeline get wired up on stage. Abstract concepts become concrete decisions.
Build the minimum viable fix
The goal is something working before you leave the room. A policy completed. An automation live. A bottleneck diagnosed. Not a framework to adapt later — an implementation now.
Leave with something specific
Every session includes a materials package: checklist, template, or tool recommendation. The session is designed so the output survives Monday morning when the urgency fades.