Research & Writing
Notes from the SOC floor and the research bench
Longer-form writing on detection engineering, threat-informed defense, and applied security research — the thinking behind the work, not just the results.
Detection Engineering: Turning Alert Noise Into Signal
A practical look at how SOC teams move from thousands of low-value alerts to a small number of high-confidence detections — and the workflow behind getting there.
Operationalizing MITRE ATT&CK: A Threat-Informed Defense Playbook
How to move MITRE ATT&CK from a wall poster to an operational framework that drives detection coverage, breach simulation, and incident response.
Zero-Knowledge Proofs: A Practical Primer for Security Engineers
What zero-knowledge proofs actually let you build, where they show up in real systems today, and why they matter beyond cryptography research.
Open to security research collaborations & freelance engineering work
Let's strengthen your security posture — or build something new.
Whether it's detection engineering, a compromise assessment, or a full-stack build — I'm always glad to talk shop.