Zero Trust
Lessons from the field. Always landing on my feet.
Sentinel MCP Server: Securing Your SOC's New AI Attack Surface
In September 2025, Microsoft announced the Sentinel MCP Server, a Model Context Protocol implementation that lets MCP-compatible AI assistants query your Sentinel data using natural language. Microsoft highlights GitHub Copilot, Copilot Studio, and β¦
Secure Your Container Supply Chain: SBOM, Signing & Attestation with GitHub Actions
Over the last couple of weeks, Iβve been diving deep into container supply chain security. Between high-profile incidents like SolarWinds, Log4Shell, and the xz Utils backdoor, itβs clear that securing the build pipeline is just as critical as β¦
Terraform 1.11's Game-Changer: Keep Secrets Out of State for Good
If youβve worked with Terraform and secrets, youβve probably wondered: βWait, is my password actually in that state file?β The answer has historically been: yes. The sensitive = true flag does a great job hiding values from CLI output, but the state β¦
Securing the Agentic Workforce: Microsoft's Zero Trust for AI Agents
The enterprise is entering uncharted territory. AI agents, autonomous systems that can browse the web, execute code, access databases, and interact with third-party services, are no longer experimental. Theyβre being deployed at scale. And theyβre β¦