Posts

Notes and essays on thoughts, tech, and latest projects. For experiences and shipped work, see Work.

2026

• Apr 24My Take on Matt Pocock’s Talk: Why Software Fundamentals Matter More Than Ever

2025

• Sep 7SOC Reports Demystified: Types, Criteria, and Audit Roadmap
• Aug 31Practical Guide to ISO 27001:2022 Certification and Beyond
• Aug 28Jargon-Free Guide to Security Compliance
• Aug 26A Practical GDPR Playbook for Engineers
• Aug 20The Modern Playbook for Data Protection: Lessons from PCI DSS v4.0
• Jul 15What is Tokenization and Why Should You Care?
• Jun 3Everything You Should Know About Mutual TLS
• Apr 23The Secret Language of Secure APIs: JWE and JWS
• Mar 10Predicting Fraudsters: A DoorDash Case Study

2024

• Nov 6Cloud Governance: An AWS IAM Case Study