Notes from the security trenches: A SysEngineer’s ongoing journey¶

Welcome to my ever-growing collection of security notes—where theory meets panic, best practices collide with real-world chaos, and half the battle is remembering which cloud console I’m logged into. These pages are a mix of guided learning (courtesy of TryHackMe’s tough love) and hard-earned lessons from configuring things that should work but rarely do on the first try (or second, or third,… Consider this part documentation, part therapy session.

The topics here span from SSDLC methodologies (because “we’ll add security later” is a lie) to securing obscure services you didn’t even know existed until they showed up in a compliance audit. There’s threat modelling (aka “imagining how Dave might break everything”), security automation (so robots can share our pain), and identity management (where “least privilege” fights a losing battle against “but I need admin”).

This is a living document. Some sections are polished; others are just placeholders for future frustration, waiting for the day I inevitably misconfigure a WAF or accidentally expose a database to the entire internet. Proceed with caution, double-check my work, and for the love of all things holy, don’t treat these notes as your only line of defence.