
AI Augmented Alert Triage: When More Visibility Creates a New Problem
How a locally hosted LLM triage layer transformed a noisy Wazuh SIEM from a source of alert fatigue into an actionable, privacy-preserving SOC for the homelab.
Technical articles, tutorials, and insights on cybersecurity, network security monitoring, and defensive security operations.

How a locally hosted LLM triage layer transformed a noisy Wazuh SIEM from a source of alert fatigue into an actionable, privacy-preserving SOC for the homelab.

A step-by-step command reference for completing Cisco NetAcad Network Defense Lab 4.5.5 in Packet Tracer. Covers creating and applying a named standard ACL on R1 to restrict File Server access, with full command sets, expected outputs, and verification steps.

A step-by-step command reference for completing Cisco NetAcad Network Defense Lab 3.4.5 in Packet Tracer. Covers TACACS+ configuration on R2 and RADIUS configuration on R3, with full command sets, expected outputs, and troubleshooting notes.

Most organisations treat High Availability as a cradlepoint problem. After eight years of 2am callouts and hundreds of server room visits, I can tell you it almost never is.

What supporting remote engineers as their eyes on the ground taught me about asking the right questions first.

Zero Trust is built on identity verification and continuous validation — yet stateless packet inspection quietly underpins it all. Here's why that makes perfect architectural sense.

Network segmentation, inter-VLAN routing, and the disciplined thinking behind a secure-by-design small office environment — from threat model to operational posture.
How to use USBDeview to monitor, audit, and investigate USB device activity in a security-focused homelab environment

Interactive offline-capable Google Dorking tool for OSINT professionals. Build complex search queries with 40+ operators, templates, and history management.

Practical guide to using Wireshark display filters for network forensics and threat hunting