Field notes / Archive

Ideas from
the workbench.

Five years of practical thinking on attack paths, dependable systems, and cloud platforms. No trend reports—just ideas meant to survive contact with production.

All field notes

21 notes · Jul 2021—Jul 2026

  1. Attack paths are stories, not spreadsheets

    Penetration testing
  2. Cloud guardrails teams will actually use

    Cloud engineering
  3. Make failure legible

    Systems engineering
  4. Identity is infrastructure

    Cybersecurity
  5. The first hour of a Linux incident

    Systems engineering
  6. Terraform drift is a signal

    Cloud engineering
  7. Scope makes the pen test

    Penetration testing
  8. Threat-model the handoffs

    Cybersecurity
  9. Backups are a recovery system

    Systems engineering
  10. Secrets should have short stories

    Cybersecurity
  11. Golden images need expiration dates

    Systems engineering
  12. Observability starts with a question

    Systems engineering
  13. Kubernetes security begins before the cluster

    Cloud security
  14. Patching is dependency management

    Systems engineering
  15. The runbook is part of the system

    Systems engineering
  16. Segment by consequence

    Network security
  17. CI/CD is a production identity

    Cloud security
  18. Hardening without breaking operations

    Systems security
  19. Cloud cost is an architecture signal

    Cloud engineering
  20. Inventory is a security control

    Cybersecurity
  21. Build the rollback before the release

    Systems engineering