Notes on the systems I work on — identity, cloud, automation, and the case for building internal tools.
-
May 2026
Five Lessons from Running Incident Response
What actually matters when you're running a security incident — preparation, containment, and communication.
-
May 2026
Designing Conditional Access People Don't Fight
Secure policies that don't train everyone to invent workarounds.
-
April 2026
Hybrid to Cloud-Only Identity: A Migration Playbook
Moving off on-prem Active Directory to cloud-only Entra ID safely and reversibly.
-
April 2026
Automating the Identity Lifecycle: Joiner, Mover, Leaver Without the Tickets
Why provisioning should be driven by the HR system of record, and how to make access correct by default.
-
March 2026
Build vs. Buy: When an Internal Tool Beats Commercial Software
A practical framework for deciding when it's cheaper and safer to build the thing yourself.