ロック

Lockfile

Lockfile is a one-person security practice run by Simran (that's me). I work with AI startups that ship faster than their security can keep up. That's usually where the real breaches come from.

The work is hands-on. I read the code, look at the workflows, follow the permissions, and write up what can actually hurt you. Then I help you close it. No deck, no binder, just the fix.

What I actually look at: your GitHub Actions and supply chain, your agents and MCP servers and how they get tool access, the secrets and tokens and cloud IAM that hold it all together, and the internal automations that can quietly touch way more than they should.

People I've worked with

Reddy, Glaze, Adeptmind, Anakin, Caryn.ai, Unify

How we work together

  • Monthly partner: $5,500 / mo · async, ongoing
  • One time audit: $6,500 · two weeks
  • First call: Free, two hours

If that sounds useful, let's chat.

Simran :)