Tools I needed and couldn't find anywhere, usually the hard version. By day I lead Ulaa, a Chromium-based enterprise browser, and the SASE stack built into it, designed and shipped, not integrated. The writing is the part vendors leave out: how enforcement actually works, and what the tradeoffs really cost.
Tools I needed and couldn't find done right, so I built them. I gravitate to the hard ones.
Unified, file-first memory for AI agents.
The memory is a set of Markdown files the agent reads and maintains. You own them, version them in Git, and carry them between tools. The server is only an adapter, the files are the source of truth.


Your terminal and your coding agents in a browser tab, next to the app they're building.
One small Go binary instead of ttyd plus tmux with seams. PTY sessions survive the tab closing, scrollback replays on reconnect. Loopback-only.

A local-first keystroke and activity tracker for macOS.
Everything you type, organized by app, domain, and directory, searchable and charted, and it never leaves your machine. Password-like input is hashed, not stored.
Back up your phone to a USB drive, simple enough for your parents. I built it for exactly that.
Offline, no cloud, no accounts. Resumable, verified copies, plain language. Built for people who find most apps overwhelming.
Chrome sync analyzer, a Chrome Enterprise URL-pattern matcher, SmolLM3-3B fine-tuning, a child-learning kiosk, thermal receipt printing.
By day I lead Ulaa, a Chromium-based enterprise browser, and I built the full SASE stack inside it from scratch: secure web gateway, ZTNA, CASB, DLP, and remote browser isolation. Designed and shipped, not integrated.
I designed the DLP pipeline, the inline TLS inspection layer, the RBI rendering architecture, and a post-quantum VPN stack for government customers, and I keep a sub-24-hour CVE-to-production pipeline on Chromium. I move between two seats: the architect writing the hard parts in Go, and the product lead owning the roadmap. The hard parts are written up, not bulleted here.
Deep-dives at blog.debkosh.com
I write about how enterprise browsers, proxies, and security actually work: the enforcement mechanics, the real tradeoffs, the parts whitepapers and product pages skip. Same voice and audience as my LinkedIn.
Where browser-extension security tooling hits its limits: mandatory screen recording, Chrome sync MDM scoping, incognito bypass.
What enforcement actually looks like when you merge them.
The choice and why.
What productivity numbers really mean.
LinkedIn is where these get posted and reach the enterprise-browser-security crowd. blog.debkosh.com holds the canonical long-form versions.
Read the blog
I build things I needed and couldn't find, and I like the ones that are hard. I came up through offensive security and SOC architecture, and for the last few years I've led the team building Ulaa and its SASE stack from scratch. Ten years in, security architecture is still the most interesting engineering I know: you hold adversaries, performance, and product experience in your head at once, and getting any one of them wrong breaks the whole thing.