Field notes / Archive
Ideas from
the workbench.
Five years of practical thinking on attack paths, dependable systems, and cloud platforms. No trend reports—just ideas meant to survive contact with production.
All field notes
21 notes · Jul 2021—Jul 2026
-
Attack paths are stories, not spreadsheets
Penetration testing -
Cloud guardrails teams will actually use
Cloud engineering -
Make failure legible
Systems engineering -
Identity is infrastructure
Cybersecurity -
The first hour of a Linux incident
Systems engineering -
Terraform drift is a signal
Cloud engineering -
Scope makes the pen test
Penetration testing -
Threat-model the handoffs
Cybersecurity -
Backups are a recovery system
Systems engineering -
Secrets should have short stories
Cybersecurity -
Golden images need expiration dates
Systems engineering -
Observability starts with a question
Systems engineering -
Kubernetes security begins before the cluster
Cloud security -
Patching is dependency management
Systems engineering -
The runbook is part of the system
Systems engineering -
Segment by consequence
Network security -
CI/CD is a production identity
Cloud security -
Hardening without breaking operations
Systems security -
Cloud cost is an architecture signal
Cloud engineering -
Inventory is a security control
Cybersecurity -
Build the rollback before the release
Systems engineering