Programing
WFH Lesson 5 - Communication and Leadership in a Remote World
The shift from managing yourself to managing relationships — how to communicate, build trust, lead a team, and stay human when nobody can see you.
• remote-work
CyberSecurity
Dangling DNS and Abandoned Cloud Services: The Subdomain Takeover Problem
How abandoned cloud resources and stale DNS records let attackers serve content on your domain — and what to do about it.
• dns
CyberSecurity
Building a Twilio SMS Integration Securely: What Most Tutorials Skip
Most Twilio tutorials get you to 'working' fast and security never. Here's how to build the SMS integration correctly from the start.
• twilio
CyberSecurity
Blocking Builds Is Not Being Mean
Why security build gates exist, how to handle the cultural pushback, and how to be a genuine partner to development teams instead of a blocker.
• devsecops
CyberSecurity
Build a Secure Backend API with Azure App Service
A step-by-step guide to deploying a genuinely secure API on Azure App Service — covering managed identity, Key Vault, network restrictions, Entra ID auth, TLS, and Application Insights.
• azure
CyberSecurity
Building a Secure API 90 Percent of the Time
A practical guide to building APIs that are secure by default — covering input validation, auth patterns, rate limiting, logging, and error handling.
• api-security
CyberSecurity
Dev Workflow as a Security Engineer: What My Day Actually Looks Like
A ground-level look at the daily dev workflow of a security engineer — tools, code review process, security automation, Git workflow, and incident response tooling.
• devsecops
CyberSecurity
Explore API Security - How Do Attacks Happen
A practitioner's breakdown of the OWASP API Security Top 10 — what the attacks actually look like and what you can do about them.
• api-security
CyberSecurity
HackingAPIs Book Review
An honest review of 'Hacking APIs' by Corey Ball — who should read it, what you'll learn, and how it reshapes your approach to API security.
• book-review
CyberSecurity
How to Hack APIs - Approaches from DevSecOps
From a defender's perspective: how attackers approach API hacking, and why understanding offense makes you a dramatically better defender.
• api-security
CyberSecurity
Hunting Exposed Secrets in GitHub Repos: My Neovim-Powered Workflow
My practical, reproducible workflow for finding exposed secrets in GitHub repos using trufflehog, gitleaks, and Neovim — with CSV output for reporting.
• neovim
CyberSecurity
Security Roles and Teams Explained
A plain-English breakdown of security roles, how teams are structured, and what people actually do day-to-day.
• careers
CyberSecurity
Security Tools Simplified
Cut through the vendor noise and learn what security tools actually do, when you need them, and when you don't.
• SAST
DevOps
Automate Everything: The Philosophy and Practice of Getting Out of Your Own Way
Why you should automate everything you do more than once, and how to actually start — shell scripts, CI/CD, cron jobs, reporting automation, with real examples.
• automation
DevOps
Building a Secure DevOps Pipeline
A hands-on walkthrough of building security into CI/CD pipelines with real YAML examples across GitHub Actions, Azure DevOps, and GitLab CI.
• ci-cd
DevOps
Kubernetes Security: A Beginner's Field Guide
The essential Kubernetes security concepts every practitioner needs to know before they get paged at 2am.
• kubernetes
DevOps
Pipeline Your Way to Safety
How to use pipelines as security enforcement points — implementing policy-as-code, tuning gates, and making security a guardrail instead of a bottleneck.
• ci-cd
DevOps
Platform Engineering Is Security's Best Friend (If You Do It Right)
How security fits into the platform engineering movement — and why platform engineering done right makes secure defaults the path of least resistance.
• platform-engineering
DevOps
Top Three Books on DevSecOps
Honest reviews of the three books that most shaped my approach to DevSecOps: The DevOps Handbook, Alice and Bob Learn Application Security, and Securing DevOps.
• books
Programing
A Mentor's Guide to Why HR Doesn't Know What They Want
The disconnect between what HR writes in job postings and what engineering teams actually need — and how to navigate it.
• hiring
Programing
Code Reviews - The Road to Learning
Why code reviews are the most underrated learning tool in software engineering — and how to actually do them well.
• code-review
Programing
Editors: Why I Use Both Neovim AND JetBrains (And Why That's Not a Contradiction)
The myth of the one true editor, when Neovim shines vs when JetBrains is the right call, dotfiles culture, and how to build a workflow that uses the best of both.
• neovim
Programing
Get Better at the Keyboard: The Investment That Compounds Every Day
Your hands touch the keyboard thousands of times a day — investing in that skill compounds over a career. Touch typing, vim motions, mechanical keyboards, ergonomics, and the resources that actually helped.
• keyboard
Programing
How to Adult After College
The honest, no-fluff guide to surviving your first year out of college that nobody gave you.
• career
Programing
How to Successfully WFH
A practitioner's comprehensive guide to making remote work actually work — from someone who's been doing it since 2018.
• remote-work
Programing
Notion vs Obsidian: An Honest Take From Someone Who's Used Both
A no-fanboy comparison of Notion and Obsidian covering local-first vs cloud, markdown vs blocks, plugins, pricing, collaboration, and privacy — to help you actually pick the right one.
• obsidian
Programing
Promotions and the Real Truth
The uncomfortable truths about how promotions actually work in tech — no sugar coating.
• career
Programing
Remote Work Advice for Those Who Hate It
For everyone who got forced into remote work and is struggling — your frustration is valid, and here's how to survive it anyway.
• remote-work
Programing
Stop Framework Hopping and Find the Pillars
Stop chasing every new framework and learn the fundamentals that transfer everywhere — the pillars that outlast the hype cycle.
• fundamentals
Programing
The Path Forward - The Path to Leading
What nobody warns you about when you move from individual contributor to team lead — and why it changes everything.
• leadership
Programing
Use the Right Tool for the Job: Stop Forcing One Tool to Do Everything
Stop forcing one tool to do everything. Real examples of when using the wrong tool cost hours, and a framework for choosing tools based on the problem rather than tribal loyalty.
• tools
Programing
WFH Lesson 2 - Routine and Setup
The routines and physical setup that make remote work sustainable — what I actually use and why each piece matters.
• remote-work
Programing
WFH Lesson 3 - Knowledge Management
Why personal knowledge management is a remote work superpower, what tools to use, and how to build a second brain that pays dividends for your whole career.
• remote-work
Programing
WFH Lesson 4 - Shake It Up Work from Different Spaces
Why working from the same spot every day is a trap, and how changing your environment unlocks different kinds of thinking and keeps remote work from going stale.
• remote-work
Programing
Your PKM Workflow: How I Actually Manage Knowledge Without Losing My Mind
A walk through my personal knowledge management system using Obsidian, Readwise, Reader, Todoist, and Neovim — how information flows from capture to creation.
• pkm
Programing
WFH Lesson 1 - Time Management
Why time management is uniquely harder at home, and the systems I actually use to own my day instead of letting it own me.
• remote-work
CyberSecurity
Security for Developers: Essential Knowledge Every Developer Should Have
Essential security knowledge every developer needs to build secure applications, from basic principles to practical implementation techniques.
• security
Testing
Testing Code Blocks
Testing enhanced code block functionality
• Testing
CyberSecurity
Incident Response Playbook: Lessons from Real Cyber Attacks
Battle-tested strategies for handling security incidents under pressure
• CyberSecurity
DevOps
Terraform Security Best Practices: Infrastructure as Code Done Right
Secure your infrastructure from code to cloud with battle-tested Terraform patterns
• DevOps
Programing
Building Secure REST APIs in Go: A Developer's Guide to Security-First Design
Security patterns and practices for production-ready Go APIs
• Programming
CyberSecurity
Advanced Threat Hunting: Detection Strategies That Actually Work
Real-world threat hunting techniques from the trenches
• CyberSecurity
DevOps
Kubernetes Security Hardening: A DevSecOps Engineer's Playbook
Securing Kubernetes clusters from day zero to production
• DevOps
Programing
Five Things to Help With Work From Home
Remote Work
• Work from home
CyberSecurity
Containers from a DevSecOps Engineers perspective
What Software engineers should know about building docker files
• Programming
DevOps
Getting Started I want to learn DevOps
I want to learn DevOps
• Getting Started
Programing
Getting Started How To Start Programming
How to start programing
• Programming
CyberSecurity
Getting started in the world of Infosec
The world of Infosec "No sugar coating it!"
• CyberSecurity