Blog
Real-world cybersecurity incidents, infrastructure deep-dives, and lessons learned from the trenches of MSP operations.
My Take on NinjaOne RMM
Thanks to a new customer I've been working with, I've recently had the opportunity to start using NinjaOne as an RMM. After a couple of weeks of hands-on use, I wanted to share my perspective—especially in comparison to ConnectWise.
PC Parts Are Getting Stupid Expensive Again (and it's not just GPUs)
It's getting harder to recommend building a PC right now. AI hardware demand is pulling everything into its orbit — RAM and GPU pricing are climbing, and regular builders are the ones eating the bill.
Building a Wazuh SIEM in My Proxmox Homelab
I deployed a Wazuh all-in-one server on Ubuntu in Proxmox, then onboarded my Windows PC as an agent. Here's what worked, what broke, and how I fixed it.
Hunting a RAT Hidden in SYSTEM-Level Autorun Persistence
A multi-day investigation into a suspicious executable that kept reappearing after deletion. This post documents how I traced it to a SYSTEM-level registry persistence mechanism disguised under an Adobe folder path.
Building My Home Server with Proxmox
I recently brought home a retired server from the office to build a personal home lab. This post documents every major step, from unboxing the hardware to configuring pfSense, fixing network routing, and deploying Docker with Portainer.
Breaking the Microsoft Chains
With the issues that have been coming up in the community around how Microsoft is overstepping the boundaries of home PC autonomy, I decided to take my first steps toward moving away from traditional Microsoft products and Windows to Linux.
How I Set Up a Professional Email Address Using Zoho Mail and Cloudflare
A step-by-step guide on how I set up a custom email address at my own domain, including DNS configuration, MX routing, SPF, DKIM, and verification through Zoho Mail using Cloudflare DNS.
When Remote Support Tools Trigger False Positives in Endpoint Security
A real-world look at how an outdated remote support agent triggered multiple SentinelOne alerts, why it happened, and what it teaches us about modern endpoint protection.