Blog
Writing
Technical notes, lab writeups, and lessons from work across DevOps, cloud infrastructure, and cybersecurity.
What a Network Intrusion Actually Looks Like in Security Onion
The alert fired. Here is what came next — a walkthrough of the investigative process behind a ransomware intrusion investigation in Security Onion, from IDS alert triage through log correlation to a coherent incident timeline.
How I Rebuilt My Technical Career — In Public, With Evidence
19 years in IT. Redundancy. A choice: retrain quietly, or build everything in the open and let the work speak. This is what building in public actually looks like — and why a portfolio beats a CV every time.
Secure the Ground Before You Build the Pipeline — Linux Hardening for DevOps Engineers
Most DevOps engineers spend serious effort on CI/CD security controls and almost none on the Linux hosts those pipelines run on. If the ground is soft, the pipeline controls do not hold. Here is what host hardening actually looks like — and how it reinforces everything above it.
What 19 Years in IT Taught Me About Cybersecurity, Cloud, and DevOps
After 19 years in enterprise IT — the last decade owning cybersecurity posture, cloud transformation, and IT governance for a regulated financial services organisation — here is what actually transfers, and why the combination is rare.
Setting Up Security Onion — What I Learned
A practical walkthrough of deploying Security Onion as a SIEM and IDS platform for the first time — what worked, what didn't, and what every SOC analyst candidate should understand before sitting in front of it.