Hello World

About the Blog

I spend a lot of my time responding to cloud incidents, writing and tuning detections, identifying and resolving misconfigurations, and hunting in the cloud. After a while you start to notice the same patterns, the same misconfigs, and the same threats. I figured I’d start writing some of it down.

This blog is mostly a place for me to document things I’ve seen, techniques that caught my attention, and the occasional query that I think is neat. Nothing here is going to be groundbreaking research — it’s just stuff from the trenches that might be useful to someone else working in cloud security.

It also forces me to actually write, which I’ve never been great at. So bear with me.

About Me

I’m a senior security analyst working in cloud incident response. Most of my day-to-day revolves around Cloud Detection & Response, detection engineering, and threat hunting across a lot of data.

Before this I was a lead cloud security engineer building out Azure and AWS infrastructure, a sysadmin keeping a mix of cloud workloads and SaaS running, a help desk tech doing a bit of everything, and a pizza delivery driver making fresh dough daily.

Thanks for stopping by.