Polleo Labs
Polleo Academy.
A working space for tutorials, walkthroughs, and structured learning on building AI-first software with the same security-first mindset that shapes everything we ship. Hands-on craft for people who want to make, not just read about it.
Machine Learning
Classical ML, end to end — regression, classification, ensembles, and how to choose between them.
A 15-module course in Jupyter notebooks. Each module walks one algorithm from problem framing to working code, with a worked example you can read by hand and a "when it breaks" section that names the failure modes you'll actually hit. Designed to be read in order, but every module also stands on its own as a reference.
Modules cover linear and polynomial regression, logistic regression, SVMs, decision trees, bagging, random forests, AdaBoost, gradient boosting, stacking and voting, k-NN, naive Bayes, algorithm selection, and a model-comparison capstone. Ten reference notebooks cover the supporting concepts the modules cross-link to.
Adversarial Engineering
Red-team craft taught as an engineering discipline — methodology, technique, and applied judgment.
A structured curriculum for offensive security practitioners that treats red-team work as engineering, not theatre. Three layers stack: a universal core that every student takes, modular technique domains that go deep on individual capability areas, and applied-context modules that specialize the work to a vertical or reconstruct a real adversary campaign. The first round of curriculum authoring is complete and under review.
The core covers methodology, engagement planning and ethics, OSINT, C2 and operational security, social engineering, purple team and detection engineering, reporting, a capstone exercise, and long-horizon engagement stewardship. Thirteen technique modules span Active Directory, Kerberos, AD CS, evasion, lateral movement, hybrid identity, adversarial machine learning, LLM jailbreaking, RAG and agentic exploitation, software supply chain, MCP and agentic system security, agents as supply-chain amplifiers, and persistence. Applied contexts include verticals — healthcare, financial services, industrial control, government, and transportation — each with sub-vertical deepenings, and APT tracks reconstructing campaigns from Scattered Spider, Volt Typhoon, Lazarus, Cl0p, Storm-0558, TRITON / FROSTYGOOP, Sandworm, IT-OT-bleed ransomware, and Salt Typhoon.
Four certification tracks — Practitioner, Builder, Tester, and Engagement Stewardship — guide students through the layers in a sequence that fits their role. A capstone scenario bank with examiner calibration material anchors the assessment side. The hands-on lab platform is in development; until it ships, the curriculum is being refined against internal review and exemplar walkthroughs.