Hospitality Technology Builder · Founder @ MichelleVision Dar es Salaam, Tanzania 🇹🇿 · michellevision.com
role : Hospitality Technology Builder
location : Dar es Salaam, Tanzania 🇹🇿
focus : Hotels · Resorts · Lodges · Safari Camps
builds : Booking engines · PMS integrations · Guest apps · Payment systems
security : Built in from day one not patched on after
platform : MichelleVision where hospitality technology meets security
I build the systems that power hotels, resorts, and lodges. Based in East Africa, in the heart of one of the world's great tourism markets.
| System | What It Covers |
|---|---|
| 🏨 Booking & Reservations | Booking engines · OTA APIs · Real-time availability · Channel managers |
| 📱 Guest Experience | Mobile check-in · Digital keys · Guest apps · WiFi portals · Loyalty systems |
| 💳 Payments & Compliance | PCI-DSS · M-Pesa · Payment gateway APIs · Mobile money · Card security |
| 🔒 Operations & Security | PMS integration · Staff access · Guest data protection · GDPR · Vendor risk |
| Repo | What It Is |
|---|---|
| hospitality-security-notes | OWASP Top 10 for booking systems · PMS security · PCI-DSS · East Africa resort tech |
| hipaa-risk-toolkit | Python HIPAA/HITECH risk assessment toolkit regulated data expertise |
| owasp-healthcare-notes | OWASP Top 10 applied to web apps cross-sector security depth |
| michellevision-tools | Security automation scripts and research tools |
Most hospitality technology is built by people who have never seen a safari lodge booking system, integrated M-Pesa for a beach resort, or understood the connectivity challenges of remote property management.
I build from inside the market I serve.
Tanzania tourism context ████████████ Authentic
M-Pesa integration depth ████████████ Real-world HackerOne research
East Africa mobile money ████████████ Vodacom TZ · M-Pesa Africa
Safari lodge tech ████████████ Remote · Offline-capable · Secure
hospitality_tech = ["Booking Engines", "PMS Integration", "OTA APIs", "Guest Apps"]
secure_dev = ["OWASP Top 10", "PCI-DSS", "Threat Modelling", "API Security"]
payments = ["M-Pesa", "Payment Gateway", "Mobile Money", "Card Security"]
compliance = ["PCI-DSS", "GDPR", "HIPAA/HITECH", "Guest Data Protection"]
builder_bg = ["Full-stack Web", "Mobile Apps", "REST APIs", "5+ years"]Advisory findings from security research (anonymized):
[CRITICAL] Auth bypass patient portal IDOR. OWASP A01. Patched 48hrs.
[CRITICAL] Ransomware vector vendor domain admin, no BAA. Closed pre-exploitation.
[CRITICAL] PHI leakage in ML pipeline 4,200 protected before production.
[HIGH] 14 HIPAA gaps $1.2M+ exposure reduced to near-zero in 90 days.
CompTIA Security+ ████████░░ In Progress
Splunk Core ███████░░░ In Progress
HackerOne ██████████ Active
PortSwigger ████████░░ Active — Web Security Academy
SOC Analyst ░░░░░░░░░░ Future path — after certs
Building the technology that powers hospitality. From Dar es Salaam, for the world.