Detection & compliance, in the open
Practical write-ups on detection engineering and making compliance actually mean something.
Why we build security on open source
Commercial SIEMs sell you visibility and quietly take away control. We build on open source so you keep what you pay for.
A field guide to nftables egress filtering
Most teams firewall what comes in and ignore what goes out. Egress filtering is where you actually contain a compromise.
Spotting bots at the edge with JA4 fingerprints
A client's TLS handshake says more than its User-Agent. JA4 tells a real browser from a scanner before any HTTP is sent.