Blog

My Agentic OS: How I Run 5 Projects Solo with Claude Code

I run 5 projects solo — no team, no VA. Here’s the AI agent architecture that makes it possible: 23 skills, 6 defense layers, parallel sessions, and a single config file that orchestrates everything.

CVE-2026-42945: The 18-Year-Old NGINX RCE Nobody Caught

An 18-year-old heap buffer overflow in NGINX’s rewrite module enables unauthenticated remote code execution. CVSS 9.2. Public PoC available. Here is how it works and why nobody caught it.

Harness Engineering: 6 Defense Layers I Built Around Claude Code

The model is not the product. The harness is. I share the 6-layer defense system I built around Claude Code to manage 5 projects with zero credential leaks.

Detection-as-Code: How I Cut False Positives by 60%

When you inherit a detection platform with hundreds of rules in a multi-account AWS environment, the first instinct is to add more. More rules, more coverage, more alerts.

The problem: more alerts doesn’t mean more security. It means more noise, more analyst fatigue, and more real alerts buried under false positives.

This article explains how I led a systematic program to reduce false positive volume by 60% without sacrificing real coverage.

From 8,000 to 3,000 Alerts/Week: How I Automated Security Triage with AI

Every Monday morning, I opened the alert dashboard and faced the same thing: 8,000+ alerts accumulated from the previous week. Most of them were noise. False positives, duplicates, low-risk events that someone flagged as “critical” three years ago and nobody dared to touch. I knew which ones were junk just by reading the title. But still, they all had to be reviewed.

If you work in security, you know this story. Alert fatigue isn’t an abstract concept — it’s the reason SOC teams have brutal turnover and why real incidents get buried under noise.

How I Built a Security Guardrails System for AI Coding Agents

AI coding agents have access to your shell, your files, and your credentials. I built a layered defense system with hooks, regex, Unicode normalization, and integrity verification to control what they can do. The project is open source.

How I Built an Autonomous SOC with MCP + Claude

A typical SOC (Security Operations Center) has a fundamental problem: too many alerts, too little context, and too little time.

An analyst receives an alert. Opens the SIEM. Searches logs. Switches to the identity console. Verifies the user. Opens ticketing. Checks for previous incidents. Back to the SIEM. All manual, all slow, all repetitive.

This article explains how I built a platform that automates this entire workflow.

The Architecture: MCP as the Backbone

Model Context Protocol (MCP) is the standard that allows a language model to connect with external tools in a structured way. Instead of giving the model direct API access, MCP defines a clean protocol:

How I Installed OpenClaw Locally for Free

Nobody has published a local install guide for OpenClaw — everything out there is VPS tutorials with affiliate links. Here’s exactly how I set it up on my Ubuntu PC with a 6GB GPU and Qwen 3.6 for free via OpenRouter.