-
IPS False Positives in OT Environments: Tuning FortiGate to Stop Blocking PLCs
IPS signatures designed for enterprise IT traffic will classify legitimate OT protocol behavior as attacks — tuning is not optional in manufacturing networks.
-
Container Escape Prevention: What Stops a Compromised Pod From Owning the Node
A container with hostPID, hostNetwork, or privileged mode enabled is not meaningfully isolated from the host — it is a shell on the node with extra steps.
-
Building an AI Automation Pipeline with Claude Code, MCP, and RAG: Lessons from Production
How we rebuilt a broken RAG pipeline, wired Claude Code to MCP servers, and integrated Codex as a subagent — and what the production data taught us afterward.
-
FortiGate Certificate Inspection for Office 365: Why Teams Breaks and How to Fix It
Microsoft Office 365 uses certificate pinning for Teams and OneDrive — deep SSL inspection will break these applications unless Microsoft IP ranges are exempted from inspection.
-
GitHub Copilot vs Cursor vs Claude Code: A Network Engineer Tests All Three
GitHub Copilot is the best autocomplete. Cursor is the best editor integration. Claude Code is the best infrastructure automation assistant. They are not competing for the same job.
-
Policy-Based Routing vs Route-Based: The Mistake That Broke Our Failover
Policy-based routing overrides the routing table — a PBR rule pointing to a dead link will blackhole traffic even if a route-table failover exists.
-
Python Network Config Backup: Automating Multi-Vendor Device Snapshots
A network configuration that was never backed up before a failure is a full rebuild — version-controlled daily config backups are non-negotiable for production environments.
-
Claude API in Production: Rate Limits, Cost Control, and Reliability Engineering
Prompt caching alone cut our Claude API costs by 38% — most teams using Claude in production have not enabled it, and it is two lines of code.
-
MCP Deep Dive: Building Custom Tools That Make Claude Actually Useful for Ops
A well-designed MCP tool schema is the difference between Claude taking the right action and Claude taking a plausible-looking wrong action — parameter names and descriptions are not cosmetic.
-
AI Agents That Control Your Network: What You Should and Should Not Automate
The safest AI automation boundary is: Claude can read everything, recommend changes, and execute only reversible actions — irreversible changes require a human in the loop.
-
Terraform State File Security: Who Has Access to Your Infrastructure Secrets
Terraform state files contain every resource ID, configuration value, and sensitive output in plaintext — a state file stored in a public S3 bucket is equivalent to a publicly accessible database cred
-
AI-Powered Incident Response: How Claude Became Our Tier-1 On-Call
The goal is not to replace human engineers — it is to handle the 70% of alerts that are predictable and well-documented before waking anyone up at 3am.