Essays
Notes from the work. One or two pieces a month on patterns observed across engagements — continuity, security, storage, observability, and the seams between them. Opinions are our own; specifics are aggregated.
-
Building a Security Practice Inside an Established Operator
Standing up a security function inside an existing operations organization is a different problem than building one greenfield. Most of the failures we see come from trying to import large-security-shop patterns into a small-operator context. The patterns that work are less glamorous and more effective.
-
Vulnerability Management Is a Continuous Function, Not a Scan Cadence
Most vulnerability management programs we inherit are structured as periodic events producing static artifacts. That structure produces worse outcomes than the same spend distributed as continuous operations. Here's how the frame changes the work, and what the math looks like when it does.