Occasional writing on security operations, tooling, and the overlap with software engineering.
The best security work I've done hasn't been catching threats — it's been eliminating the work required to catch them.
Detection rules are software. We version control our application code, write tests for our logic, and do code review before shipping to production. Most SOCs still don't apply the same discipline to detections.