Writing
Technical notes, lab writeups, and lessons from work across DevOps, cloud infrastructure, and cybersecurity.

What a Network Intrusion Actually Looks Like in Security Onion
The alert fired. Here is what came next — a walkthrough of a ransomware intrusion investigation in Security Onion, from IDS alert triage through log correlation to a coherent incident timeline.

How I Rebuilt My Technical Career — In Public, With Evidence
19 years in IT. Redundancy. A choice: retrain quietly, or build everything in the open and let the work speak. This is what building in public actually looks like — and why a portfolio beats a CV every time.

Setting Up Security Onion — What I Learned
A practical walkthrough of deploying Security Onion as a SIEM and IDS platform for the first time — what worked, what didn't, and what every SOC analyst candidate should understand before sitting in front of it.