A security engineer writing about the things that actually interest them. Incidents, threat intelligence, tooling, opinions. Sometimes all four in the same post.
I’m a security engineer with an extensive DFIR background. CTI keeps me up at night — following a campaign, chasing an infrastructure pivot, trying to understand not just what happened but why. This is where I write about whatever I find interesting: incidents, threat intelligence, tooling, opinions, the occasional rabbit hole I couldn’t leave alone.
Not everything will be hyper-technical. Some posts are case studies, some are observations, some are just things I think the security community should be talking about more. The common thread is that I wrote it because I genuinely cared about it, not because it fit a content calendar.