It’s been a long while since I’ve posted regularly on this blog. A combination of changing roles, consulting work that couldn’t be discussed publicly, and the general inertia that sets in once you’ve stepped away from a regular writing habit all contributed to what became years of radio silence.

But I’m back, and this time with both renewed purpose and some powerful new tools in my arsenal.

Back to the Technical Coalface

I’ve recently returned to a more technical position within the org where I’ve worked some time. There’s something deeply satisfying about getting your hands dirty with tools, code, configurations, and the occasional cursing at obscure error messages that just don’t make sense.

The experience I’ve gained over 15 years in the IT trenches still has so much validity in my current cyber role. For example:

  • Helping a client tune the noise out of their 50K+ endpoint Carbon Black environment - I can quickly identify what’s a legitimate process vs what isn’t due to closely monitoring AppLocker logs for years.
  • Performing a security assessment of a highly secure client environment that’s built purely on Linux and OSS components, yet the underlying concepts map neatly across to technologies that I’ve used for 2 decades.
  • Setting up the ELK stack and Zabbix for a client in the Pacific, I could leverage my years of experience running tools like Hobbit, Big Brother, and even Zabbix on Linux

Pragmatic security uplift and actually making a difference at the coalface was why I moved across into cyber in the first place. It’s great to be back doing that, rather than just checking boxes for the sake of compliance.

I relish the problem-solving aspect of technical work - that moment when everything finally clicks and works as intended. It’s also a constant reminder of how quickly our industry evolves. Technologies that were cutting edge when I last blogged regularly are now considered mature or even approaching legacy status.

That said, the same basic controls still apply, and in my experience are rarely put in place - even in household name businesses! (there’s an idea for another blog post)

This return to technical work means I’m once again accumulating those little nuggets of hard-won knowledge that feel are worth sharing. The kind of practical solutions that save someone else the three hours of troubleshooting that I just went through.

The LLM Revolution

The other major factor in my return to blogging is, without question, the transformative impact of large language models. It’s not hyperbole to say that LLMs have fundamentally changed how I approach technical content creation.

What used to take days of coding and documentation can now be accomplished in hours through collaborative development with AI. This dramatic acceleration makes it much easier to justify the time investment in documenting and sharing solutions.

An example I experienced recently was that I could simply take a copy of my troubleshooting process in the Linux CLI, drop it into Claude, and then with a bit of back-and-forth, have a polished how-to document to share with my colleagues. LLMs have made this brain dump -> shareable documentation process much simpler.

AI handles much of the mundane work, while I focus on the value-added expertise and experience that only humans can provide.

The Technical Writer’s Multiplier Effect

What I’ve discovered is that LLMs function as an incredible force multiplier for technical content creation and innovation. They don’t replace the need for deep expertise. In fact, they make it more valuable than ever, but they dramatically reduce the friction involved in transforming that expertise into shareable knowledge.

Take this very blog revival, for instance. Getting the site back up and running involved:

  1. Setting up Jekyll on GitHub Pages, something that I’d abortively attempted several times in the past
  2. Finding and exporting my old WordPress content
  3. Working with Claude to build a custom migration tool
  4. Refining and formatting the exported content for Jekyll
  5. Deploying the refreshed site to GitHub Pages

What might have been a weekend project became an evening’s work. That shift in the time-to-value equation makes it much easier to justify investing in knowledge sharing.

What to Expect

Going forward, you can expect a mix of content here:

  • Practical solutions to real-world technical problems (with a focus on cloud security, SIEM, and identity management)
  • Observations on how AI is changing technical work and knowledge sharing
  • Deep dives into interesting security challenges and their solutions
  • Occasional ruminations on the evolving nature of technical work in the age of AI

I’m not promising a strict publishing schedule. Consulting life is still unpredictable, but I am committing to sharing of useful technical content, particularly in areas where I see others struggling with the same challenges I’ve faced.

Final Thoughts

In some ways, the advent of LLMs seems to invalidate the need for blogs. Are people even going to read a blog? Or will they just ask their Chat LLM of choice for a solution?

In other ways, however, the need for human-generated, or at least human-curated content has never been greater. There’s so much AI-generated slop being churned out simply in the hope of farming engagement that it needs to be offset with quality content.

If you’re a technical professional who’s been on the fence about starting or reviving your own blog, I’d encourage you to give it a try in this new LLM-assisted paradigm. The barriers to entry have never been lower, and the benefits-both to your own professional development and to the broader community-remain as valuable as ever.

Here’s to sharing useful knowledge again. It’s good to be back.