What I Learned in the First 12 Hours with OpenClaw
I spun up a self-hosted AI assistant on an old desktop running Ubuntu Server. Here's what broke, what worked, and what I'd do differently.
All Posts
The GRC SaaS Killer
GRC platforms promise to run your program. They deliver data entry, rigid workflows, and lock-in. Here's what a repo-based approach with AI models actually looks like.
Word Is Losing. Not to Another Word Processor.
Microsoft Word isn't being replaced by a better WYSIWYG editor. It's being replaced by a two-layer model: markdown as the content layer, AI as the presentation layer.
Ten Predictions for Where Security and GRC Are Headed
A forward-looking snapshot of the shifts shaping security, engineering, and GRC over the next few years.
Buying the Tool Before Building the Process
Why security teams keep buying shiny products without thinking through operational realities.
Managing Teams by Finding and Fueling Their Passions
Sustainable leadership means aligning individual motivation with team objectives.
Private, Local Audio Transcription Without Compromise
How I built my own transcription stack to keep voice data private while delivering professional results
Security is a Tradeoff, Not a Checklist
Security leadership is about solving for risk, not blindly following checklists. Informed tradeoffs often produce better outcomes.
Vendor Risk Management: Build Relationships, Guide Smart Choices, and Make Vendors Squirm
How effective vendor risk management can serve as a lever for partnership, better decisions, and stronger outcomes.
Understanding CAPTCHA: Security Controls We May Be Overtrusting
CAPTCHA tools like reCAPTCHA v3 are widely used, but not always well understood. Here’s a leadership-level look.
Why Static Websites Improve Security (and Why I Use Them)
Static website architectures like Jekyll offer important security advantages. Here's why they're worth considering.