Kieran Charnock
I lead enterprise service management at a global law firm, focused on end user productivity, digital transformation, data-driven decision making, and deploying enterprise-ready AI with clear ROI.
I build with AI in the loop: Claude Code in the terminal, a versioned prompt library, and custom MCP servers I've written to wire the agents into my own systems.
None of it goes out on trust. Every morning at 05:30, an autonomous agent reviews my code so I don't ship the same mistake twice; it's the innermost of a few loops I run to keep things honest.
Bugs and vulnerabilities are flagged for me, never auto-fixed; everything opens as a pull request, and nothing merges itself.
Around that, I run a few scanners together; each one is blind to what the others catch:
- Static + SAST (SonarQube / SonarCloud): code quality, bug patterns, infrastructure-as-code
- Dependencies + secrets (Snyk): known CVEs, container & IaC, leaked credentials
- Local pre-push (OSV-Scanner + Grype/Syft): offline, before anything leaves the machine
- AI review (Claude Code ultrareview): logic bugs the scanners miss