Now booking · 1-on-1 mentorship

Build with Claude Code.
Secure with Claude Code.

1-on-1 mentorship for developers and product builders shipping code with AI. Learn to develop fast with Claude Code, then turn the same tool into a security reviewer that audits, threat-models, and hardens what you've built.

Book a Free Call → What You'll Cover ↓
or message me on LinkedIn →
Mentees and alumni work at
VinciHermèsBNP ParibasThalesKPMGPwCSiemensAirbusSaint-GobainBouyguesEDFAccenture VinciHermèsBNP ParibasThalesKPMGPwCSiemensAirbusSaint-GobainBouyguesEDFAccenture
Who this is for

This Is For You If...

✅ Yes, join if you:

  • Ship code, or want to ship code, with AI assistance and don't want to do it naively
  • Picked up Claude Code and sense your habits aren't getting the most out of it
  • Are a non-dev product builder using AI to build real apps and you know your security knowledge has gaps
  • Already shipped something to production that's making you nervous
  • Want someone who has actually shipped to look at your code with you, not a video course
  • Want to know what AI gets wrong on security and how to catch it
  • Will share your real code and do the work between sessions

✗ Not for you if you:

  • Want a Claude Code tutorial you can watch on 2× speed
  • Want generic "secure coding" theory with no hands-on work
  • Are looking for cert prep (Security+, OSCP, etc.)
  • Believe AI-generated code is automatically secure
  • Won't share your actual code or work product
  • Think you already know everything
What you'll cover

Two Pillars. One Toolchain.

Use Claude Code to build serious applications. Then use the same tool to audit them. The first half teaches you to ship faster. The second half teaches you to ship safely.

Pillar 01

Develop with Claude Code

How to ship real applications with AI, not toy demos. Effective workflow: planning, scoping, iteration loops that actually converge. Hooks, MCP servers, subagents, and skills, the parts most users skip. Driving Claude Code through real codebases: refactors, feature work, debugging. Testing in the loop. When to accept the suggestion, when to rewrite it, when to push back. Productivity at senior dev level.

Build with confidence
Pillar 02

Secure It with Claude Code

Threat modeling your app: STRIDE, attack surface mapping, trust boundaries. OWASP top 10 in practice: auth, input validation, output encoding, secrets, deserialization. AI-specific risks: hallucinated dependencies, insecure default patterns, prompt injection in apps that wrap LLMs, supply chain. Driving Claude Code through a real security review: how to prompt it, what to verify, what it misses. Hardening checklists, dependency hygiene, secrets scanning, deployment safeguards.

Audit and harden
How it works

Mentorship, Not a Course

No pre-recorded videos. No generic curriculum. Every session targets a real problem in your code, on your timeline.

01

1-on-1 sessions

Video sessions scheduled around your week. Every session targets your actual codebase or a project you're shipping, not slideware.

02

Hands-on with your code

We work in your repo (or a sandbox project if your employer doesn't allow it). You leave each block with running, tested, hardened changes you understand line by line.

03

Written deliverables

Threat model, security review report, hardening roadmap. Documents you can use internally to defend a design decision, a budget, or an audit finding.

04

Async support

Between sessions, share findings, ask questions, iterate on prompts. No 24-hour silence when Claude Code suggests something that smells off.

Your coach

Not a Guru. Someone Who Did the Work.

Fabien Soulis

Fabien Soulis. Multicloud security architect, pentester, incident responder. 15+ years securing global enterprises across North America and Europe.

Started his career as a web developer. Has been shipping production code ever since, including a SaaS cybersecurity business with dozens of enterprise clients. Daily Claude Code user: hooks, MCP, subagents, the full toolchain. Builds and ships with AI, then audits the result with the same skepticism he brings to a penetration test.

CISSP. Sorbonne instructor teaching security architecture at Paris 1 Panthéon-Sorbonne. Career path: web developer to SAP analyst to IT auditor to security analyst to multicloud security architect. I teach what I actually use to build and secure things.

15+
Years in the field
150K+
Users secured
0
Major incidents
FAQ

Before You Decide

Do I need to be a senior developer?
No. The page is open to working developers and to non-dev product builders shipping code with AI. The mentorship adapts to where you're starting from. If you've never written code, start with the fundamentals first. If you've shipped real apps, with AI assistance or without, you're ready.
What languages and stacks do you cover?
The principles transfer across stacks. In sessions we work in whatever you actually ship in: Python, TypeScript, Go, Java, Ruby, the cloud platform you deploy to, the framework you chose. You bring the stack. We bring the threat model and the security thinking that applies to all of them.
Is this only for people using Claude Code?
Claude Code is the tool we focus on because it's currently the most capable AI coding assistant. The development workflows we cover are Claude Code specific (hooks, MCP, subagents, skills). The security thinking transfers to any AI-assisted code, or to hand-written code. If you're using Cursor or GitHub Copilot, the security half still works. The build half translates with adjustments.
Can you really audit AI-generated code?
Yes. AI generates code that compiles and looks plausible, which is more dangerous than code that obviously doesn't work. A real review with Claude Code in the loop is faster than manual review and catches more than most static analyzers. We work through real audits in your environment, not toy examples.
What's the difference with the Microsoft Security page?
The Microsoft Security page is for IT and security people working with Active Directory, Azure, and Microsoft 365. This page is for developers and product builders shipping their own application code. Different audiences, different problems.
What's the difference with the Pentest School Leadership Program?
The Leadership Program is a structured 90-day path to security leadership: positioning, architecture, AI productivity, and visibility. This page is narrower and deeper on one technical domain: shipping secure code with Claude Code. Pick this if learning to develop and harden applications is the specific gap you want to close.
What language are sessions in?
English by default. Sessions can be delivered in English, French, or Spanish depending on your preference. Documents and deliverables are produced in the language of your choice.
How much does it cost?
Pricing depends on scope: a focused 4-week engagement and a full 3-month mentorship cost very different things. We discuss it on the first call, after we've agreed on what you actually need. The call itself is free, with no pitch.

Ready to Ship Secure Code with AI?

Book a free 30-minute call. We'll figure out where you're at, what you're shipping, and whether mentorship is the right move for you right now.

Book a Free Call → Message on LinkedIn See What You'll Cover

Not ready yet?

Read the free book, or join the Discord to learn from peers walking the same path.

Get the Free Book → Join the Discord →

Discord is open to serious learners only. For experience sharing between professionals making the jump.