Welcome to my website, where I write about cybersecurity, compliance automation, policy-as-code, and philosophy. I share practical insights and personal observations that I've picked up over the years, based on my unique perspective that draws from military, industry, government, and personal experience.
I spent a few days and a few dollars making my Tai Chi web app audit-ready for a FedRAMP Class C assessment. It isn’t FedRAMP Certified and never will be, but every document an assessor would ask for is live right now, and anyone can check it in about five minutes.
20x bets that automated KSI validation makes inventory questions answerable without a separate inventory deliverable. That bet only pays off if KSIs themselves carry standardized component references.
Agentic systems can easily become simulacra. Without governance anchored in genuine human intent, we get organizations that are perfectly, continuously, autonomously convinced they’re secure.
2023
Join me on a journey across America, from eastern cities to western deserts, as I search for what's really valuable.
2021
An open-minded exploration of reality using Occam's razor and the scientific method.
A practice mirror for Chen Taijiquan — record a silk-reeling movement and pose estimation compares your form to a recognized master, translating per-joint deviations into feedback grounded in Chen terminology. Private beta; login required.