Matt Edwards is a CISO, pentester, and senior SecOps/DevOps engineer whose work centers on turning security, compliance, and operational rigor into systems teams can actually use.
FocusCybersecurity program design, offensive security, compliance systems, and document-driven operating models
Published Domain Specification5
Matt Edwards
Matt Edwards is an author of the public Cuddler Domain Specification and Artifact Definition series and a security-focused systems builder whose work combines technical depth with operational discipline. His broader professional work spans penetration testing, program leadership, compliance architecture, and secure-by-default delivery for organizations that need practical defenses instead of performative paperwork.
His published background emphasizes a through-line that is relevant to Cuddler: systems work should be explicit, testable, and useful under pressure. That mindset shows up in the way he approaches both cybersecurity and standards writing. Rather than treating documentation as a static artifact, he tends to frame contracts, playbooks, Domain Specification, and Artifact Definitions as working tools that help teams reduce ambiguity, prove outcomes, and recover faster.
Matt’s official profile also highlights the real-world events that pushed him deeper into cybersecurity practice, including early social-engineering and crypto-malware incidents that forced a sharper emphasis on recovery, verification, and operational evidence. From there, he expanded into red-team and purple-team work, control validation, incident readiness, and codified compliance programs that organizations can sustain over time.
That same bias toward explicit structure maps naturally to Cuddler. The public Cuddler Domain Specification, Artifact Specification, and Artifact Definitions are designed to make document generation more dependable by tightening the contract between schemas, templates, prompts, and published outputs. Matt’s contribution to that work is grounded in the same principles he applies elsewhere: assume ambiguity will cause failures, make requirements concrete, automate what is repeatable, and verify with evidence.
Professional profile
CISO, pentester, and senior SecOps/DevOps engineer
Founder, Cocoon CS
Founder and senior IT engineer, EZ Support
Speaker and advisor on practical cybersecurity programs
Areas of practice
Penetration testing across web, desktop, mobile, API, and cloud surfaces
Security program leadership aligned to standards such as SOC 2, ISO/IEC 27001, CMMC, and NIST frameworks
Compliance codification through reusable playbooks, evidence workflows, and operational artifacts
Security and operations work that prioritizes proof-of-fix, recovery readiness, and sustainable execution
