Ryan MacDonald

Multi-engine Linux malware scanner with five detection stages (MD5, HEX pattern, YARA, ClamAV, statistical), real-time inotify monitoring, quarantine, and multi-channel alerting

iptables/netfilter firewall for Linux servers with stateful filtering, trust system, ipset block lists, SYN flood protection, VNET per-IP policies, and Docker support

Brute force detection with exponential-decay pressure scoring, 57 service rules, 8 firewall backends, GeoIP enrichment, and multi-channel alerting

BATS test infrastructure with 9-OS Docker matrix, parallel orchestration, and reusable GitHub Actions CI workflow

A fleet-scoped Linux security investigator that thinks continuously, revises its conclusions as evidence arrives, and turns forensic reasoning into deployable defenses. (Built with Opus 4.7 hackathon, Apr 2026)

Conference talks, presentations, and technical decks by R-fx Networks