About

About

Hi, I’m Eric Gaby. I am a security engineer in Fort Wayne, Indiana, with a background in application security, web application penetration testing, systems security, SOC work, vulnerability management, and secure software development.

The short version: I like taking complicated technical systems apart, understanding where they fail, and helping people build them back with fewer sharp edges.

What I Work On

My professional work has covered web application penetration testing, application security architecture, static analysis, threat modeling, vulnerability research, systems security, phishing and social engineering exercises, incident response, threat hunting, and policy work. Earlier roles and internships gave me time in infrastructure, software engineering, database-backed .NET applications, network troubleshooting, and user-facing IT support. That mix shaped the way I think about security: technical depth matters, but so does communication between developers, systems teams, QA, leadership, and the people who actually use the systems.

CTFs And Community

I volunteer with the BSides Fort Wayne CTF team and spend a lot of time building challenges, infrastructure, firmware-adjacent puzzles, and event tooling. CTF work scratches the same itch as good security engineering: a challenge should be fair, observable, and educational, but still ask the solver to do real thinking.

This site will include CTF writeups, challenge design notes, and the occasional post about making security education useful without turning every answer into a checklist.

Education

I earned both a Bachelor of Science in Computer Science and Information Technology and an MBA from Trine University in 2023. The cybersecurity concentration and hands-on ethical hacking coursework were especially formative because they demanded practice, not just theory. I have also stayed involved with technical education through advisory-board service for Trine University and Fairfield Jr-Sr High School.

What I Care About

  • Secure software that developers can realistically maintain
  • Appsec reports that explain the risk and the fix
  • CTF challenges that reward curiosity over copy-paste solving
  • Infrastructure that makes good security easier to repeat
  • Cross-team communication, especially between security, systems, developers, and QA
  • Lifelong learning in a field that refuses to sit still

Elsewhere