Writing
Technical notes, lab writeups, and lessons from work across DevOps, cloud infrastructure, and cybersecurity.

Latest Post
4 min read
What a Network Intrusion Actually Looks Like in Security Onion
The alert fired. Here is what came next — a walkthrough of the investigative process behind a ransomware intrusion investigation in Security Onion, from IDS alert triage through log correlation to a coherent incident timeline.
Tags: Cybersecurity, SOC, Security Onion, Incident Response