Insights

Practical security thinking.

Notes on strategy, assessments, and building a security program that holds up — written for the people who have to make the decisions.

Latest
Security Strategy·Jun 18, 2026·6 min read

Where to start when your security program has no plan

Before tools, before audits, before a single new hire — the first job is deciding what "better" means, and in what order.

Read the piece
Article artwork
In the pipeline
Application SecurityReading a penetration test report without panicking
Drafting
Risk & ComplianceSOC 2 readiness: what actually moves the needle
Drafting
Vulnerability Mgmt"Patch everything" is not a strategy
Planned
Threat ModelingThreat modeling for teams that have never done it
Planned
Field Notes

A second lane for everyday security — password managers, 2FA, safe browsing for households and small businesses. Plainspoken, no jargon.

Visit Field Notes