Chess MCP
A powerful chess engine and game server built with the Model Context Protocol (MCP). Play chess against AI, analyze positions, and integrate chess functionality into your AI applications.
Arvid Berndtsson
Information Security Lead & Full‑Stack Developer
I help companies keep data safe and build reliable software. Focus areas: ISO 27001, SOC 2, risk management, data loss prevention, incident response, and modern web apps. Based in Malmö & Varberg.
Featured on
Featured projects
A selection of things I've built.
Compliance Simplified
Exploring tools and workflows that make security compliance approachable - governance, awareness, and automation.
arvid.tech - Personal Website
A modern, performant personal website built with Astro 5, TypeScript, and Cloudflare Pages.
Robots.txt Analyzer
Modern robots.txt analyzer with instant parsing, security checks, and best‑practice scoring. Built with Qwik, deployed on Cloudflare Pages with D1.
What people say
Recommendations from colleagues and collaborators.
"Arvid is truly a gem. He is driven, knowledgeable, and incredibly humble. Working with him has been both rewarding and a lot of fun. He is highly skilled at what he does and has a fantastic ability to…"
"I've had the pleasure of working closely with Arvid Berndtsson over the past two years at Malmö University, where he has contributed significantly as a teaching assistant and collaborator in several c…"
"Arvid and I have worked together on university projects and studied together at Malmö University. He is extremely knowledgeable, competent, and humble, always managing to solve the problems and challe…"
Recent thoughts
RAG Architecture Guide for Large-Scale Document Search
Learn how to build a cost-effective, enterprise-grade RAG system. This guide details a 3-stage retrieval pipeline for searching massive document sets.
Chat Control 2.0: A Dangerous Path Toward Mass Surveillance
The European Union stands at a critical crossroads in digital privacy and civil liberties. The proposed Chat Control 2.0 regulation, formally known as the Child Sexual Abuse Regulation (CSAR), is one of the most sweeping surveillance proposals ever considered by a democracy. Framed as a child protection measure, it would actually establish an unprecedented mass surveillance infrastructure that undermines the fundamental right to private communication.
A Practical Guide to Preventing Subdomain Hijacking
Forgetting to delete an old DNS record can leave you vulnerable to subdomain hijacking. Attackers can claim your unused addresses to host malicious content under your brand's name. Learn how to find and fix these dangling pointers with o...