hi — i’m oj.

i write short, practical security notes to show how i learn, reason, and ship — vendor-agnostic and ready to run.

now:: security analyst @ mls • mscs @ georgia tech
focus:: email & cloud security • threat hunting
overview:: detections • examples • rationale

email linkedin x github

why this exists

clarity first. explain → configure → verify.
trace my thinking. decisions, trade-offs, and gotchas — not just the happy path.
grow over time. add posts as i learn; mark updates when i revisit topics.

what you’ll find

notes across domains. email security, cloud & identity, detection engineering, incident response, and operational hygiene.
standalone posts, with optional paths. most notes work on their own; when a sequence helps, i group them into a loose series.
practical artifacts. detections, runnable examples, and the rationale behind them.
tags to jump around. some tags (like “email security”) have a rough order if you’re starting fresh.

if you spot anything off, tell me. i’m a lifelong student, refining my understanding as i go.

objectives

make it easy to learn a thing end-to-end without fluff.
write like i’m handing this to a teammate to run tomorrow.
keep notes maintained (published + updated dates on every post).

focus areas

email security — block spoofing/abuse while keeping good mail moving.
cloud & identity — secure defaults, least-privilege, clear boundaries.
detection engineering — raise signal, reduce noise, test what we ship.
operational hygiene — simple guardrails, clear playbooks, steady improvements.

currently exploring

refining controls so high-signal events get through and noise stays out.
metrics that show what’s working and what to fix next.
agent-assisted workflows to remove repetitive steps and speed response.
applying topics i study to real systems: networks, security, and ml safety.

new here? the shortlist →
curious how this site works? source on github ↗