cybersecurity · hybrid cloud · grc
Computer enthusiast in Vancouver, BC. Enterprise infrastructure and security work, documented in public.
This site is my knowledge aggregator — a public record of explorations, experiments, and the occasional guide. Posts document what I was thinking at the time; some of it will age, all of it is a reference point.
Off the clock it's projects, time permitting — but mostly family.
How attackers get into enterprise environments — and how to keep them out. Defense in depth, endpoint protection, security posture over theory.
Enterprise infrastructure across on-premises and cloud. The unglamorous plumbing that keeps organizations running.
Translating security frameworks into operational reality — policies, audits, and risk decisions that hold up outside the binder.
How I pair Claude Code with the Superpowers and AgentOps plugins to turn AI from a chat assistant into a repeatable engineering workflow — context, plan, change, validate, document, review — with install steps and the exact prompts I use.
Instead of one confident answer, spin up five advisors — the Contrarian, First-Principles Thinker, Expansionist, Outsider, and Executor — then close with one verdict. A prompt for sharper thinking with AI.
The attacker top 10 hasn't changed in a decade — predictable threats are preventable. Why application allowlisting belongs in front of your EDR, not behind it.