Andre Collins
Security Engineer & Analyst · Application Security · Penetration Testing
Cybersecurity practitioner moving into security from 15+ years in telecommunications infrastructure — field install, cell-tower / RAN, and optical transport engineering on the Ciena 6500 platform. I learn by building and breaking things, then documenting exactly how they work.
See my work Get in touchAbout
My background is deep infrastructure and networking: I spent over fifteen years building and engineering the physical and transport layers that networks actually run on. That gives me an unusually concrete mental model of how systems connect and where they break — which is exactly the foundation security work is built on.
Alongside my security studies I build and operate TrueCreditIQ, a live multi-tenant SaaS product, where I do hands-on application security: PostgreSQL row-level security, OAuth, API rate limiting, secrets management, and dependency / supply-chain review. Securing a real production application — not a lab — is where a lot of my practical AppSec experience comes from.
I hold the INE eJPT (Junior Penetration Tester) and the Google Cybersecurity Certificate, and I'm currently studying for CompTIA Security+ (SY0-701). This site collects my homelab builds, lab writeups, and security case studies as I go.
What I focus on
Application Security
Securing real apps in production — access control, authentication, secrets, and supply-chain review. Grounded in operating TrueCreditIQ.
Penetration Testing
Network and web application testing, methodology-first. Active Directory attack paths, enumeration, and privilege escalation in an isolated homelab.
Security Analysis
Detection and log analysis, mapping activity to frameworks, and turning noise into findings — the analyst on-ramp.
Contact
Email: dre1825@gmail.com
LinkedIn: linkedin.com/in/andrecollins32
GitHub: github.com/<your-username>