Solo product build · Product strategy, systems architecture, full-stack dev, AI orchestration · 2026
Most threat dashboards tell you what happened. OpenSentry tells you who's exposed.
- Problem
- Security teams at large enterprises track risk across a dozen disconnected platforms that don't talk to each other, drowning in redundant alerts while struggling to keep workforce locations current in every one.
- Solution
- One console fuses six live authority feeds into a single event schema and spatially joins them against where the workforce actually lives, so the output is a ranked answer to who is exposed, not another inbox of incidents.
- Stack
- Cloudflare edge stack (Workers, D1, KV, R2, Cron), H3 hex-cell spatial join, AI woven through the UI with provenance, caching, cost metering, and rule-based fallback. No standing server bill.
An operational threat-intelligence console for global security teams. Six live public-authority feeds (seismic, weather, disaster, wildfire, humanitarian, government advisories) fused into one event schema and spatially joined against where a workforce actually lives. The output isn't a wall of incidents. It's an answer to a real question: who is in danger, and what should we do about it. Edge stack, AI woven through the UI, no standing server bill.

6/7
authority feeds live, fused into one schema
~420→15
DB round-trips per demo load (systems fix)
2-layer
AI cache w/ rule-based fallback
¢/session
AI cost; no standing server bill
The problem before the product
A large enterprise security team doesn't lack information. It has too much, arriving in incompatible shapes. Earthquake alerts come from one platform, weather from another, civil-unrest advisories from a third, wildfire data from a fourth. A dozen inbound channels, each with its own login, its own format, its own notification rules. None of them know about the others, so the same flood event generates four alerts that nobody reconciles. The noise buries the signal. Worse, none of those platforms know where the workforce is. Every time an employee relocates or leaves, someone has to update that fact in a dozen separate systems. It never stays current. The result is a stack of tools that report what happened somewhere on earth while failing at the only job that matters, telling a specific team that a specific person is in danger right now.
The product reframe
A distributed workforce can't be protected by a feed of incidents. An earthquake, a wildfire, a conflict flare-up only matter to a security team if someone they're responsible for is inside the blast radius. The product question is not "what happened" but "who is exposed, and what's the right response." That reframing changes the architecture. Incidents become the cheap part. Exposure becomes the product.
“We have to look at a half dozen summaries, keep a half a dozen systems up to date. We needed something that summarized all of the alerts and told us what matters.”
Project goals
Fuse seven independent public sources, several of which bot-block, change format, or revoke access, into one normalized event model. Spatially join events to a workforce so the system answers exposure, not just occurrence. Weave AI through the interface with provenance, cost ceilings, caching, and a graceful degradation path. Make a natural-language command bar reliable enough to mutate real filters without becoming demo-ware. Run the whole thing continuously on an edge stack with nothing to babysit and costs metered per call.
Architecture, and the systems wins
The architectural commitment came early: H3 hex cells as the spatial join key, with zones, employees, events, and matches as four loosely-coupled tables. That decision is what lets the product speak in exposure rather than incidents. When denormalized counts drifted across demo swaps, the fix was a systems decision rather than a patch. Two of the most consequential bugs were things a code generator couldn't have caught, because they had to be seen. Severity colors defined as CSS variables rendered as black or white on the map, because the map paints on a WebGL canvas that can't resolve CSS custom properties. Separately, loading a 210-row demo workforce was firing around 420 sequential database round-trips. The systems read — 210 employees collapse to about 30 unique hex cells, and writes can be batched in transactions — dropped it to ~15 round-trips with no new dependency and no schema change.
Four hundred sequential round-trips don't show up in a code review. They show up in the operator's loading spinner. Diagnosing that is a human-at-a-real-browser problem, not a generation problem.
AI with discipline
Every AI surface in the UI carries a small sparkle icon whose tooltip exposes the model, the source-event count, the cost, and whether the result was cached. Underneath, the discipline is stricter than the visuals suggest. The zone summary short-circuits to a static "all clear" line when there are zero matched threats, with no model call at all. Match explanations are cached for 24 hours, keyed on event and zone IDs. The command bar treats the model as a JSON producer constrained by enums: the model proposes an action, and the server rejects any category or severity string that isn't in the canonical list. The model proposes. The server disposes.
Outcomes
A working, edge-deployed threat console that fuses six live authority feeds into a single exposure model. Spatial-join architecture on H3 cells that answers who is exposed, not just what occurred. AI features with traceable provenance, double-layer caching, per-feature cost metering, rule-based fallback. A natural-language command bar that mutates real filters through enum-validated JSON. A four-tier edge architecture — ingest, fusion, reasoning, serving — running continuously with no long-lived process to crash and no standing server bill. Live at opensentry-dev.pages.dev.
Next case study
ClearWeight
