Solna, Sweden
Consulting and building security solutions
Svenix AB delivers IT consulting, software development, and cybersecurity services, including ISO 27001 and SOC 2 programs, led by Mostafa Moradian, Lead Security Engineer at Tiger Data.
About
What I do
I build security products, detection pipelines, and developer tooling, spanning large-scale infrastructure, observability stacks, and the Sigma detection ecosystem. With 15+ years across security engineering, software development, and penetration testing, I help teams ship secure software without slowing them down.
As Lead Security Engineer at Tiger Data, I lead security initiatives across global infrastructure behind TimescaleDB. I contribute to open-source projects including RSigma, zizmor, and xk6-kafka, and serve as Chairman of GDG Sweden, organizing events that foster education and technology adoption across Sweden.
I build, therefore I am.
Services
How Svenix AB can help
Registered in Sweden (org. nr. 559545-4322), Svenix AB provides cybersecurity consulting and hands-on engineering across threat detection, secure development, and cloud infrastructure.
-
Cybersecurity
Threat modeling, penetration testing, secure code review, compliance readiness, and defensive assessments across cloud, endpoints, and applications.
-
Software Development
Backend systems, APIs, and developer tooling in Go, Rust, Python, and more, from prototype to production-ready delivery.
-
Detection Engineering
Sigma rule authoring, detection-as-code pipelines, SIEM integrations, and real-time log analysis with tools like RSigma.
-
IT Consulting
Technical leadership and security architecture guidance, helping teams embed cybersecurity into product delivery without slowing engineering.
-
Observability & Load Testing
Security observability on LGTM stacks, Grafana integrations, and performance testing with k6 and custom extensions.
-
Training & Speaking
Workshops and talks on threat modeling, OWASP Top 10, supply chain security, detection engineering, and open-source security tooling.
Achievements
Career & open source
Experience across security operations, backend engineering, and open-source contributions from telecom and startups to Grafana Labs and Tiger Data.
Lead Security Engineer at Tiger Data
Leading security initiatives across global infrastructure at the company behind TimescaleDB.
Chairman, GDG Sweden
Leading a nonprofit that organizes DevFest, CNCF meetups, and events to foster education and technology adoption across Sweden.
Senior Software Engineer, Security Operations at Grafana Labs
Led Sigma and pySigma contributions, introduced JSON schema validation for Sigma rules, deployed canary tokens via a Kubernetes operator across 180k+ pods, and performed security due diligence on Pyroscope and Asserts acquisitions.
Senior Backend Engineer & Security Lead at k6 (Grafana Labs)
Built SAML SSO, audit trail, and cloud APM backends; led ISO 27001 certification on the first external audit; ran penetration tests and secure code reviews; promoted k6 as developer advocate.
Senior Lead Software Engineer at KaraVAS
Led a team of five and delivered a REST API serving 2.5 million subscribers using Python, Flask, Neo4j, PostgreSQL, and Kong.
Security Engineer & Penetration Tester at MCI
Hardened telecom infrastructure, coordinated security assessments, performed penetration testing and secure code review, and researched SCAP-based auditing tooling.
Education
M.Sc. Computer Software Engineering
Azad University of Karaj · 2017 to 2020
Open-source highlights
-
★ 5.8k
zizmor
Static analysis for GitHub Actions workflows to find misconfigurations before they become incidents.
Rust -
★ 80
rsigma
Sigma detection engineering toolkit: parser, linter, evaluator, correlation engine, and streaming daemon.
Rust -
Log collector
helr
Declarative HTTP API audit trail log collector, optionally scriptable, built in Rust.
Rust -
★ 396
rustinel
Cross-platform endpoint detection for Windows, macOS, and Linux using ETW, eBPF, Sigma, YARA, and IOCs.
Rust -
★ 285
gatewayd
Database gateway for building data-driven applications.
Go -
★ 215
xk6-kafka
k6 extension for load testing Apache Kafka with SASL, TLS, Schema Registry, and more.
Go -
★ 183
ioc-finder
Parse indicators of compromise from text using grammars instead of regexes. Modular, readable, and maintainable.
Python -
★ 95
honeyslop
Code canaries to quickly triage hallucinated AI vulnerability reports in open-source projects.
Python -
★ 223
django-saml2-auth
Django SAML2 authentication for Okta, Entra ID (Azure AD), and other identity providers.
Python
Article highlights
Contact
Let's work together
Interested in security consulting, detection engineering, or software development? Reach out via email or connect on social media.