Writing

Field notes on risk, compliance & AI

Practical, opinionated essays from the audit and cloud trenches. 22 published, more in progress.

Timeline

Topic

01 Jun 15, 2026 · 8 min read

Scanning Terraform Against Azure Policy at Build Time in Azure DevOps

Azure Policy stops noncompliant resources at deploy time. This shows how to catch the same violations earlier, in the Azure DevOps build, so a bad Terraform plan fails the pipeline instead of the deployment.

AzureSecurityGRC

Read →

02 Jun 9, 2026 · 6 min read

Strengthening Your Cloud Security Posture with Microsoft Defender for Cloud

Knowing where your cloud environment is weak is half the battle. Microsoft Defender for Cloud gives you a continuous read on your posture and maps it straight to the standards you have to comply with.

AzureSecurityGRC

Read →

03 May 30, 2026 · 7 min read

What the EU AI Act Means for Risk and Compliance Teams

The EU AI Act is the first comprehensive law to regulate AI by risk. For compliance teams the question is no longer whether it applies, but which of your AI systems fall into which tier, and what each tier demands.

AIGRCRisk

Read →

04 May 19, 2026 · 7 min read

Running Terraform in Azure DevOps Pipelines

A practical Azure DevOps pipeline for Terraform: remote state in Azure Storage, a plan you review before it runs, and an apply that only happens after someone approves it.

AzureAutomation

Read →

05 May 12, 2026 · 6 min read

Enforcing Compliance Guardrails with Azure Policy

Most cloud governance problems are not technology problems, they are consistency problems. Azure Policy lets you turn your security and compliance rules into guardrails that apply automatically across every subscription.

AzureGRCSecurity

Read →

06 Apr 21, 2026 · 7 min read

SOC 2 vs ISO 27001: Choosing the Right Framework (or Running Both)

The question I get asked more than any other is whether a company should pursue SOC 2 or ISO 27001. They overlap heavily but they are not the same thing, and the right answer depends on who is asking you for it.

SOC 2GRCRisk

Read →

07 Apr 6, 2026 · 6 min read

Deploying Bicep from Azure DevOps Pipelines

Bicep gives you clean, typed infrastructure as code for Azure, and Azure DevOps gives you a place to validate and ship it safely. Here is a pipeline that previews every change before it touches production.

AzureAutomation

Read →

08 Mar 18, 2026 · 6 min read

Eliminating Hardcoded Secrets with Azure Key Vault and Managed Identities

Connection strings and API keys sitting in config files are still one of the most common ways credentials leak. Here is how to get them out of your code for good using Key Vault and managed identities.

AzureSecurityAutomation

Read →

09 Feb 24, 2026 · 7 min read

Preparing for DORA: Operational Resilience for the Financial Sector

DORA reframes ICT risk as an operational resilience problem the board is accountable for, not an IT problem buried in a basement. Here is how I read its five pillars and where firms should focus.

GRCRiskSecurity

Read →

10 Apr 9, 2025 · 4 min read

Evaluating SOC 2 Type II Reports as a Cybersecurity Engineer

It is important to understand that data is a key element of modern society, the lifeblood of business data in the present era. As such, cybersecurity executives are required to…

SOC 2Security

Read →

11 Apr 5, 2025 · 3 min read

Will AI Agents Disrupt GRC Workflows? Yes - and Here's Why

Will AI Agents Disrupt GRC Workflows? In the ever evolving cybersecurity and compliance landscape, Governance, Risk, and Compliance GRC workflows have long been cumbersome, time intensive, and manual. But changing…

GRCAI

Read →

12 Mar 23, 2025 · 2 min read

Azure Landing Zone Review Assessment

Introduction Organizations are constantly searching for methods to harness the potential use of the cloud to operate their operational architecture and compete in today’s fast paced digital environment. As a…

Azure

Read →

13 Mar 23, 2025 · 2 min read

Implementing SOC 2 Compliance Framework

Introduction I have implemented SOC 2 compliance and am aware of the challenges. SOC 2 ensures that customer information is secure. The framework provides guidelines for security, availability, processing integrity,…

SOC 2GRC

Read →

14 Mar 12, 2025 · 2 min read

Automating Azure Resource Graph Queries with Logic Apps

Overview Azure Resource Graph Explorer enables querying resources at scale across subscriptions, management groups, and entire tenants. If you need to execute queries periodically and take action on the results,…

AzureAutomation

Read →

15 Jan 18, 2025 · 3 min read

Step by Step Guide to Connecting OpenAI with Azure Portal

The integration of the OpenAI model into the Azure ecosystem gives organizations an unprecedented opportunity to harness the power of AI for a variety of applications. Microsoft Azure makes this…

AIAzure

Read →

16 Nov 17, 2024 · 1 min read

How to Resolve VSS Writer Errors Without Rebooting

Resolve VSS Writer Errors Without Rebooting How to Resolve VSS Writer Errors Without Rebooting Scenarios Scenario 1: Failed VSS Writers Backups fail due to VSS writers in a failed state,…

Infrastructure

Read →

17 Nov 17, 2024 · 3 min read

How to Import Azure Wiki Contents into a JSON File

In today's digital age, organizations often depend on collaborative tools like Azure Wiki to streamline knowledge sharing among team members. However, there are situations when you might need to export…

AzureAutomation

Read →

18 Nov 17, 2024 · 1 min read

Veeam Known Issues: Network Failure and SSL Errors

Veeam Known Issues: Error Observed by Underlying BIO Issue Discontinuous network failures may occur when communicating with the VMware host. This is accompanied by errors such as: “Error observed by…

Infrastructure

Read →

19 Sep 20, 2023 · 3 min read

Simplifying Access Control: Introducing Temporary Access Passes in Azure

Overview In today’s ever changing business environment, it is often necessary to grant temporary access to resources within the Azure platform. Whether it be for a brief project, contractor involvement,…

AzureSecurity

Read →

20 Jul 5, 2023 · 3 min read

Configure Front Door For An Azure App

For content and apps, Azure Front Door is a cutting edge cloud content delivery network CDN service that offers high performance, scalability, and secure user experiences. This can be set…

Azure

Read →

21 Jul 5, 2023 · 4 min read

Monitoring on premises devices with Sentinel using Azure ARC

When talking about Hybrid clouds & multi cloud environments the main requirement is to monitor on premise devices. And yes when it comes to Azure cloud the monitoring is way…

AzureSecurityAutomation

Read →

22 Aug 30, 2021 · 5 min read

Using mTLS for your Organization

We used to do secure communication over the internet using TLS. After attacks such as POODLE made SSL 3.0 unsafe, mTLS (Mutual Transport Layer Security) was introduced to make client and server connections secure and trusted…

SecurityInfrastructure

Read →