Notes from a practitioner's desk.
Substantive posts on infrastructure, cybersecurity, AI in operations, and reflections from my MIT studies. No listicles. No ghost-written marketing. Just what I've learned.
Why I Built a Dark Web Research Site (and What I Learned)
Running a Tor hidden service as a senior IT leader sounds provocative. The reality is quieter, more disciplined, and more useful than the framing suggests. Notes on stack, tradecraft, and identity separation.
The CISA KEV Catalog as a Prioritized Patch Backlog
Most patch programs drown in CVSS noise. CISA's Known Exploited Vulnerabilities list is the strongest empirical signal we have, and most teams still treat it like a newsletter instead of a work queue.
AI in IT Operations: A Reality Check from the Trenches
A balanced look at where generative AI actually earns its keep in operations, where it's still theater, and the governance problems no one wants to own.
MIT Week 1: Back in a Classroom After 20 Years
Returning to formal study after two decades in industry is a particular kind of humbling. A few early observations on the gap between running the work and studying it.
Zero Trust Is Harder Than Vendors Admit
The architecture is sound. The products sold under its name rarely are. A pragmatic, five-year view of what it actually takes to move a real enterprise toward Zero Trust.