Odin is Borg Security’s platform for attack surface monitoring: security findings, reports, team management, billing, and Mjolnir, their agentic pentest engine. It lives in a monorepo alongside an internal Operations app that operators use to run CRM, billing, finding management, pentests, and admin support.
I led full-stack product work across both apps. Most of my footprint was the client-facing Odin app and the internal Operations console, plus the shared frontend packages, the E2E suite, the docs, and a handful of backend integration points. It was a team effort, not a solo one.
What I built
- The Odin product surfaces: home dashboard, attack surface views, findings, reports, teams, org settings, notifications, API keys, billing, and the Mjolnir pentest flows.
- The Operations console operators work in daily: org management, CRM, finding management, pentest operations, proposals, billing tools, integration admin, and audit logs.
- Self-serve onboarding and billing end to end: plan selection, credit metering, ledger and usage APIs, seat limits, entitlements, auto-deposits, manual adjustments, and enterprise overrides.
- Account security: email OTP, passkeys, step-up verification, session handling, domain-join flows, route gates, and rate limiting.
- Integrations with Linear, Jira, GitHub, GitLab, and Slack, including the setup flows, webhooks, and the two-way sync that turns a finding into an issue and keeps its status honest.
- The Slack side of Odin: finding unfurls, re-auth prompts, and an @Odinagent backed by LLM orchestration and tools.
- Most of the Mjolnir surface: setup drafts, repo browsing, connectivity checks, run management, PR-review previews, suppression rules, live run progress, and retest triggers.
- The shared packages the rest of the team built on: domain types, billing logic, email templates, integration helpers, Neo4j access, and MCP tooling.
Hard parts
Security products punish ambiguity. A single finding has to carry enough context for a client to act on, enough structure for an operator to manage, and enough detail to sync cleanly into whatever issue tracker the team already lives in.
So most of the real work was not building screens. It was connecting state: client workflows, operator workflows, billing rules, third-party integrations, pentest execution, and report generation all had to agree with each other. The constant tension was keeping the product self-serve without taking away the visibility and control operators need for genuinely complex security work.
Stack
Next.js App Router, React, TypeScript, Tailwind, Radix and shadcn/ui, Zod, SWR, Recharts, Tiptap, NextAuth with passkeys, MongoDB, Neo4j, ClickHouse, Google Cloud Pub/Sub and Storage, Stripe, the Linear, Jira, GitHub, GitLab and Slack APIs, Go and Python services, and Playwright for the end-to-end tests.