About

I make computers tell me their stories.

I’m Brett. I work in information security with a focus on blue team, incident response, and user education.

I enjoy correlating anomalous data points in logs into attack narratives, finding the holes in the fences, and shutting those holes to prevent unauthorized access.

I want to be the DFIR Batman - the world’s greatest digital detective. Less vigilantism, though. And hold the personalized super-villains. This might not be a good career choice if I want to travel to certain countries.


What I do

My interests are wide, but briefly consist of:

  • Self-hosting services
  • Building small but realistic homelab environments to break, monitor, and repair
  • Security operations and incident response
  • Detection engineering and log analysis
  • Cloud security
  • Distrust of “decentralized” cloud services

In practical terms that means I spend a lot of time with logs, alerts, packet captures, and strange behavior on the wire, and then try to turn all of that noise into a narrative.


Background

I have a B.S. in Cybersecurity and Information Assurance from Western Governors University along with a stack of industry certifications that reflect both breadth and depth in security and infrastructure:

  • Microsoft Azure Fundamentals (AZ-900)
  • ISC2 SSCP
  • CompTIA CySA+, PenTest+, Security+, Network+, A+, Project+
  • LPI Linux Essentials
  • ITIL 4 Foundation

Before leaning fully into security, I worked in enterprise IT as a Tier 2 technician with some sysadmin responsibilities. Hence, I do have experience with the realities of production Windows and environments, virtualization, networking, and earning the right to blame DNS and DHCP.


Homelab and projects

A lot of what you see on this site comes directly from my homelab work. Highlights include:

  • A Proxmox-based lab that lets me simulate small organizations, complete with segmented networks and clients
  • Security tooling such as IDS, honeypots, and SIEM configuration
  • Experiments with Azure workloads, monitoring, and log forwarding into central analysis points

I write up what worked, what did not, and the “I wish I had known this sooner” lessons. These posts are here both for my own memory and for anyone else who wants to follow a similar path into DFIR and SOC work.


What this site is for

This site is my public notebook and portfolio. You will find:

  • Homelab build notes and incident-style walkthroughs
  • Practical how-to guides for tools I actually use
  • Links to GitHub repositories that back the write-ups

If something here helps you ship a lab, solve a problem at work, or get a little closer to your first security role, then it is doing its job.


Connect

If you have questions or would like to collaborate, you can reach me here: