Cameron Babcock

Leading the development of a greenfield EDR product, focusing on the Windows Agent and Driver components.

• • Architecting a greenfield Windows kernel-mode telemetry driver designed for low-overhead endpoint visibility at production scale.
• • Developing the user-mode agent component in modern C++ for resilient threat detection.
• • Implementing agentic AI workflows to accelerate driver validation and EDR feature development.
• • Establishing foundational engineering and testing paradigms for the new platform.

Independent consultancy and product development focusing on DoD consulting, C++ obfuscation research (ObfTypes), and building a scalable video game analytics platform.

• • Built production backend APIs and data-intensive web services in Python and .NET for analytics-driven applications.
• • Designed scalable data infrastructure with ClickHouse, Redis, and PostgreSQL to support high-volume ingestion, low-latency access, and large-scale analytical querying.
• • Developed data pipelines and backend workflows powering user-facing analytics and application features, with end-to-end ownership across architecture, implementation, deployment, and iteration.

Leading Windows agent and EDR platform work across kernel and user mode, with a focus on exploit-aware telemetry, defensive hardening, and practical platform modernization.

• • Architected enterprise EDR capabilities across kernel and user mode
• • Established AI-assisted workflows and engineering standards across a large legacy codebase
• • Built crash-dump and behavioral-analysis utilities for production defense

Developed advanced CNO tooling and led research into evasion, anti-analysis, and validation infrastructure across multiple operating systems.

• • Built implants, loaders, and supporting command-and-control infrastructure
• • Researched hypervisor-based and hardware-assisted evasion techniques
• • Introduced automated testing and CI patterns inside constrained environments

Worked across red- and blue-team assessments, supply-chain research, vulnerability analysis, and technical reporting for senior stakeholders.

• • Contributed to work referenced in senior-level cyber policy discussions
• • Researched SolarWinds-class attack paths and defensive replication strategies
• • Performed reverse engineering, application security audits, and tool evaluation