Secure Data Consortium | LLM Security, Mobile Forensics, Cryptocurrency Investigation

Three practice areas

Secure Data Consortium is a boutique cybersecurity practice based in Jacksonville, Florida, founded in 2008. The practice operates in three deliberately-chosen areas where senior-practitioner depth produces measurably better outcomes than generalist consulting:

LLM Application Development & Security

Custom LLM-backed application builds, on-premises model deployment for security-conscious organizations, RAG pipelines for regulated corpora, and adversarial security testing including indirect prompt injection assessment. Builder-architect background combined with active adversarial research.

Mobile Device Forensics

Consent-based Android and iOS device forensic examination for family-law attorneys, domestic violence advocacy organizations, and civil matters. Stalkerware and surveillance-app detection. Deposition-grade written reports. Expert testimony available.

Cryptocurrency Investigation & Tracing

Blockchain forensic tracing for scam victims, civil litigation, and attorneys pursuing recovery. Documented methodology, honest scope, no recovery guarantees. Former Chainalysis Customer Success Engineer; FLETC cryptocurrency-investigation co-instructor.

Why a boutique practice

Most cybersecurity work in the market is delivered by firms structured around staff augmentation: bench resources billed at multiples of their cost, junior staff doing the actual work behind senior-titled signatures, and engagement structures designed to maximize billable hours rather than minimize time-to-deliverable.

This practice is structured differently. Every engagement is performed by a single senior practitioner with 19+ years in production systems, application development, infrastructure security, mobile and digital forensics, and cryptocurrency investigation. Every engagement has a written deliverable. Every engagement has a defined scope and timeline at signing.

That structure isn't right for every need. It is right for clients who would rather pay one senior practitioner for one well-scoped deliverable than retain a firm for ongoing access to a rotating bench.

How engagements work

Project-shaped, not staff augmentation. Every engagement has a defined scope, a written deliverable, and a fixed timeline.

Fixed-scope or capped-hours pricing. Most engagements are fixed-fee per deliverable. Hourly work is capped per engagement; no open-ended hourly retainers.

Remote-first delivery. Engagements run via VPN or jump box for environments that require it. On-site days are bounded and scheduled at engagement start.

Credentials

CISSP CSSLP CRISC Ex-Chainalysis

The practitioner is a senior security architect and developer with 19+ years across financial services, government, healthcare, and security tooling. Detailed background on the About page.

From the lab

Indirect prompt injection across four open-weight LLMs

A 1,280-trial study characterizing indirect prompt injection susceptibility across Llama 3.1 8B, Mistral 7B, Qwen 2.5 7B, and Qwen 2.5 Coder 7B at two production-realistic temperatures. Key findings: temperature reduction is not a reliable defense on susceptible models; output format constraint achieved 0/40 injection on the most-susceptible model tested.

Read the article on Medium · Reproducible harness on GitHub

Additional research and writeups are published periodically. See the LLM page for current research projects.

Start a conversation

For prospective engagements in any practice area, fill out the form below or schedule a 30-minute scoping call.

Senior-Practitioner Cybersecurity, Without the Markup