Adventurers sailing around the world slowly. With a dash of musings and other ramblings.

incident response

The Forensic Terrain Problem: A Decision Framework for the Working Analyst a-cyber-investigator-standing-like-a-general-over-a-cyber

a-cyber-investigator-standing-like-a-general-over-a-cyber

The Forensic Terrain Problem: A Decision Framework for the Working Analyst

Sam April 7, 2026

There is a moment every SOC analyst knows. The alert fires, the clock starts, and the first...

The First Three Hours Inside a Cyber Incident When Panic Meets Leadership

The First Three Hours Inside a Cyber Incident When Panic Meets Leadership

Sam January 13, 2026

I am sitting in a rental car at four in the goddamn morning. The engine idled like...

Incident Response Is Controlled Chaos Why Your Plan Fails When Reality Hits view-is-inside-a-data-center-computers-in-racks-are

view-is-inside-a-data-center-computers-in-racks-are

Incident Response Is Controlled Chaos Why Your Plan Fails When Reality Hits

Sam January 5, 2026

An incident response plan is not a document. It is not a binder. It is not a...

Stop Blaming the Receptionist: Rethinking Phishing Simulations and Security Awareness

Stop Blaming the Receptionist: Rethinking Phishing Simulations and Security Awareness

Sam August 11, 2025

Every year, organizations spend huge amounts on security awareness programs. The marketing message is always the same:...

Why CISOs Keep Getting Burned by Vendors, VARs, and Vultures in Suits

Why CISOs Keep Getting Burned by Vendors, VARs, and Vultures in Suits

Sam August 6, 2025

Vendors keep saying they can end alert fatigue. That they can solve false positives. That their SIEM...