Writing

Notes from the Field

Technical writeups, working notes, and observations on cyber security from the perspective of someone building their career in the industry.

Posts coming soon

I am working on my first writeups — covering topics including Wazuh setup, MITRE ATT&CK fundamentals, and incident response methodology. The cards below are previews of planned content. Check back soon, or follow me on LinkedIn to get notified when new posts go live.

Getting Started with Wazuh: Open Source SIEM for Beginners

A practical walkthrough of deploying Wazuh from scratch — covering manager installation, agent deployment on Windows and Linux, and configuring your first custom detection rules.

Understanding MITRE ATT&CK: A Practical Introduction

What ATT&CK is, why it matters for defenders, and how to start mapping detection coverage against the framework — without getting lost in the matrix.

Incident Response Fundamentals: From Alert to Report

A practical breakdown of the IR lifecycle — how to structure a response, what to document at each stage, and how to write a post-incident report that's actually useful.

Building a Home Security Lab on a Budget

How I set up a practical home lab for security testing and learning using free tools, a cheap mini PC, and some basic virtualisation — and what I would do differently now.

Alert Fatigue: Why Tuning Your SIEM Matters More Than Adding Rules

Thoughts on the alert quality vs. alert quantity problem — and a practical approach to reducing noise while maintaining meaningful detection coverage.

OT/ICS Security: What IT Security Professionals Need to Know

An introduction to the key differences between IT and OT security — why the CIA triad is prioritised differently in industrial environments (availability and physical safety typically outrank confidentiality), and where the unique risks lie.