Posts

All the articles I've posted.

• Why Building the Best Team Requires Both Code and Charter

  Published:Dec 1, 2025

  This post explores the tension between wanting to drive improvements purely through good work and collaboration versus the reality that organizational change often requires formal authority. Drawing on team dysfunction theory and concepts like psychological safety, it shows why influence and data can take you far — but why roles, mandates, and authority sometimes become the necessary tools to push meaningful change.

• The Self-Hosting Paradox

  Published:Sep 6, 2025

  Self-hosting is a thrilling rabbit hole. There’s a special satisfaction in spinning up your own services, shedding your reliance on SaaS giants, and taking control of your data. But once you’ve taken the red pill and peeked behind the curtain of “self-hosted alternatives,” you quickly encounter the darker side of freedom: too many options.

• A Cyber Tale of Change Resistance

  Published:May 18, 2025

  Cybersecurity teams thrive on staying ahead of threats—but often struggle when it comes to evolving their own internal practices. This post explores why change is so difficult in security culture, especially when it comes from outside the team, and how silos, ego, and comfort with the status quo can quietly hold us back.

• Why CVSS Is Not the Metric You’re Looking For

  Published:Jan 18, 2025

  Relying solely on CVSS scores for vulnerability prioritization is risky and misleading—context, expert insight, and a robust patching process are essential to truly protect your business.

• Homelab Setup Part 1: How I run my vServer

  Published:Dec 27, 2024

  Running and managing a virtual server (vServer) can be both fun and rewarding. Over time, I’ve streamlined my setup to reduce repetitive tasks and make deployments as seamless as possible. This is the first part of a series where I’ll share how I use Ansible, Docker, and a self-hosted Gitea instance to keep everything running smoothly while automating key tasks.

• Rethinking Cyber Threat Intelligence: Strategic and Technical CTI as the New Standard

  Published:Nov 18, 2024

  As a Cyber Threat Intelligence (CTI) analyst, I’ve seen firsthand how organizations struggle to implement the classic four-tier CTI model: strategic, tactical, operational, and technical. While this framework is useful in theory, in practice, the distinction between operational and tactical intelligence is often blurred—if not entirely nonexistent. This reality has led some to propose simplifying the classification into just two categories: strategic and technical CTI.