This project focused on what should happen after exposed credentials are discovered online. Instead of leaving that information as a passive signal, the work turned it into a concrete protective workflow that could lock accounts and reduce the window of risk for affected clients.
The important part was not just the detection event. It was making sure the response was operationally usable, aligned with fraud reduction goals, and consistent enough to scale as a repeatable security practice.
This is a good example of the direction of my current work: security controls that connect directly to business outcomes and reduce risk through better workflow design.