Blog

Insights

Patterns from 25 years of security leadership, offensive operations, and building things that work.

AI & Automation Footprints in the Snow: IOC Table Indicators of compromise from a snowshoe phishing campaign: sending infrastructure, email kit signatures, TDS domains, and scam kit artifacts. 3 min read the-mundane email-security phishing iocs AI & Automation Footprints in the Snow 248 AI-generated phishing emails hit my inbox in five days. SpamAssassin caught 5%. We mapped the operation from a leaked LLM prompt to three continents. 13 min read the-mundane email-security phishing claude-code AI & Automation The Fault, Dear Brutus Everyone's debating what AI means for the future. The more interesting story is what it means for a person with a problem to solve right now. 8 min read the-mundane ai-strategy systems-thinking claude-code Perspectives Lessons from the Field (CISO) The Field CISO role is still being defined. After nine months in the seat at Praetorian, here's what the role actually is, what the industry gets wrong, and where it should go. 8 min read security-leadership field-ciso ciso vendor-security ai-agents Perspectives The First 90 Days as a CISO: The Framework The practical framework for a CISO's first 90 days: pre-engagement scoping, business-driven assessment, building the narrative, and standing up a program that lasts. 7 min read vciso security-leadership governance ciso first-90-days Perspectives The First 90 Days as a CISO: Philosophy Before Frameworks Most CISO playbooks start with mechanics. The engagements that produce lasting results start with a different question: where is this business going, and what risks does that trajectory create? 6 min read vciso security-leadership governance ciso first-90-days AI & Automation The Systems Thinker's Edge: Why AI Needs Architecture, Not Code Building production AI systems without writing code. A Field CISO's take on why architecture beats syntax. 9 min read ai-strategy systems-thinking ai-engineering security-leadership claude-code