January 10, 2026•1 min read
How I Validate Detections with Safe Simulations
Using the MITRE ATT&CK framework to run safe, controlled attack simulations and verify my defenses are working.
#Incident Response#MITRE ATT&CK#Testing
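The idea in the summary above, run a controlled simulation per ATT&CK technique and confirm the detection actually fires, can be reduced to a small harness. The following is an added example for this post, not the author's own tooling or any named simulation framework: the rules, the Sysmon-like event fields and the log lines are all constructed for illustration, and the harness never executes a command, it only replays events that a real simulation would have produced and reports which techniques are covered, which are gaps, and whether a benign control event trips anything.

```python
"""Detection-validation harness: replay constructed, technique-tagged events
through simple regex detections and report coverage, gaps and false positives.

Added example, not from the original post. Event fields mimic a Sysmon-style
process-creation record (assumption); rules and sample events are constructed.
Nothing here executes a command: the harness only checks that a detection
would have matched the event a safe simulation produces.
"""
import re
from dataclasses import dataclass


@dataclass(frozen=True)
class Event:
    technique: str      # ATT&CK technique the simulation exercises; "" = benign control
    image: str          # process image name
    cmdline: str        # full command line
    parent_image: str   # parent process image name


@dataclass(frozen=True)
class Rule:
    name: str
    technique: str      # technique the rule claims to detect
    field_name: str     # Event attribute the pattern is applied to
    pattern: str        # regex, matched case-insensitively


# Constructed detection rules (toy equivalents of what a SIEM rule would do).
RULES = [
    Rule("powershell_encoded_command", "T1059.001", "cmdline",
         r"powershell.*\s-(e|ec|enc|encodedcommand)\s"),
    Rule("scheduled_task_created", "T1053.005", "cmdline",
         r"schtasks(\.exe)?\s+/create\b"),
    Rule("lsass_dump_comsvcs", "T1003.001", "cmdline",
         r"rundll32.*comsvcs\.dll.*minidump"),
]

# Constructed events, one per simulated technique, plus one benign control.
SIMULATIONS = [
    Event("T1059.001", "powershell.exe",
          "powershell.exe -NoP -enc SQBFAFgA", "cmd.exe"),
    Event("T1053.005", "schtasks.exe",
          'schtasks /create /tn "sim-task" /tr calc.exe /sc once /st 23:59', "cmd.exe"),
    Event("T1003.001", "rundll32.exe",
          "rundll32.exe C:\\Windows\\System32\\comsvcs.dll, MiniDump 624 C:\\temp\\l.dmp full",
          "cmd.exe"),
    # A technique with no rule at all: the harness should report it as a gap.
    Event("T1055", "notepad.exe", "notepad.exe", "explorer.exe"),
    # Benign control: legitimate scripted PowerShell that must NOT alert.
    Event("", "powershell.exe",
          "powershell.exe -File C:\\scripts\\backup.ps1", "taskeng.exe"),
]


def rule_matches(rule: Rule, event: Event) -> bool:
    """True if the rule's regex hits the chosen field of the event."""
    return re.search(rule.pattern, getattr(event, rule.field_name), re.IGNORECASE) is not None


def validate(simulations=SIMULATIONS, rules=RULES):
    """Replay every simulated event through every rule.

    Returns (coverage, gaps, false_positives):
      coverage        technique -> sorted names of rules that fired
      gaps            techniques for which no rule claiming that technique fired
      false_positives rule names that fired on a benign control event
    """
    coverage, gaps, false_positives = {}, [], []
    for ev in simulations:
        fired = sorted(r.name for r in rules if rule_matches(r, ev))
        if ev.technique == "":
            false_positives.extend(fired)
            continue
        coverage[ev.technique] = fired
        # A rule firing is only credit for this technique if it claims it.
        if not any(r.technique == ev.technique for r in rules if r.name in fired):
            gaps.append(ev.technique)
    return coverage, gaps, false_positives


if __name__ == "__main__":
    cov, gap, fp = validate()
    for tech, fired in cov.items():
        print(f"{tech}: {', '.join(fired) if fired else 'NO DETECTION'}")
    print("gaps:", gap)
    print("false positives on benign control:", fp)
```

Two checks are deliberate: a simulated technique with no rule (T1055 above) must show up as a gap rather than silently passing, and a benign control event is replayed so that a rule broad enough to catch every PowerShell launch is caught as a false positive at the same time coverage is measured.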
Notes on security operations, detection engineering, and home lab troubleshooting.
A technical guide on integrating Suricata's EVE JSON output with Wazuh for centralized threat detection.
Reflections on building a home SOC, the challenges of noise reduction, and why comprehensive visibility is harder than it looks.