Up up & away

Some notes I took during one of the BICMP 2026 Cohort meeting include:

Tines

DBProtect

Cellebrite

Axiom Forensics

80Lab

Exterro

Today I am working on some more cybersecurity related material. I am taking on the role of a security analyst by utilizing Kusto Query Language (KQL) and Azure Data Explorer to examine logs and trace attacker activity to piece together an unknown story. In practice, writing KQL queries and running them against data will look like this:

I find a suspicious email. The email contains a link.

The link has a domain. I look up the domain in DNS records.

The domain resolves to an IP. I search for that IP in network logs.

The network logs show someone visited it. I identify who.

That person's machine has new files. I find malware.

As previously stated I am working with Azure Data Explorer but soon I hope to apply these concepts learned to other industry standard programs such as Splunk, Crowdstrike and/or Microsoft Sentinel.

Some of these concepts include (but are not limited to):

Querying and analyzing log data

Identifying suspicious activity

Pivoting across multiple data sources

Investigating potential intrusions

Building investigative reasoning skills

Lately, I’ve been knee-deep in my homelab, exploring what it really means to self-host and manage services in a Dockerized environment. It’s one thing to read about containerization, but it’s another to build and troubleshoot it on your own system — where every permission error, missing dependency, and YAML misalignment becomes a lesson in systems administration. My current project, running Glance, a self-hosted dashboard app, has been both a technical challenge and a rewarding crash course in Linux fundamentals, networking, and Docker architecture.

Setting up Glance required more than simply running a container — it demanded a full understanding of Docker volumes, port mapping, and dependency management. I’ve had to dive into configuration files, track down missing packages, and even restructure file mappings when updates changed directory paths. What initially started as “just getting something to run” has turned into a deep, practical education in how containerized systems communicate, how environments are isolated, and how small mistakes in configuration can ripple through an entire stack.

This week I dove deep into leveling up my technical skill set by setting up a dual-boot system with Debian Linux alongside Windows. It wasn’t a smooth ride — and that’s exactly why it was so valuable. From resizing partitions to creating and configuring the correct mount points, to manually setting up a network interface without a GUI, every issue required real troubleshooting.

I used AI throughout the process as a dynamic learning companion — not just to solve problems, but to teach me why something worked (or didn’t). This approach has helped me absorb Linux fundamentals while building real confidence in navigating the command line.

To apply what I’ve been learning, I also started building my first CLI-based password manager in Python. It’s simple, secure, and a perfect way to practice encryption, user interaction, and file management. Eventually, I plan to build a web interface, but for now, getting hands-on with the logic through the CLI has been the perfect starting point.