We help AI startups find what gets them hacked, before it does.

I'm Simran, a senior infra engineer. I run Lockfile. I look at your GitHub Actions, your agent tooling, MCP servers, your secrets, and your cloud access the same way an attacker would.

I like the kind of work where the fix is real and it ships - not a 90 page PDF you'll never open.

Most of what breaks AI teams isn't fancy. A workflow trigger trusts the wrong event. A token never got rotated. An internal tool can reach way more than it should. That's the actual shape of most breaches, and that's what I go hunting for.

Lockfile isn't a firm, it's just me. $5,500/mo, fully async. You slack me, I get in, I figure out what's quietly going to bite you, and I help you ship the fix.

If that sounds like the kind of person you want next to your infra, let's chat.

Based in Singapore, working with teams everywhere.

Simran :)