Posts

The Fallacy of Cybersecurity by Backlog: Why Counting Patches Will Never Make You Secure

By a Former Engineer Turned Cybersecurity Leader

For much of my twenty years as a software and security engineer, and now as a cybersecurity executive, I have watched organizations cling to a deeply flawed belief: that security maturity is reflected in the length of the patch backlog, the volume of vulnerabilities closed, or the number of tickets resolved in a quarter. Entire cultures are built around these metrics. Dashboards glow green when patch counts dip. Leaders celebrate the deletion of Jira, SNOW, and similar tickets as if the act of closing them somehow hardened the enterprise. But this fixation on downstream remediation creates an illusion of control while masking the fundamental problem upstream: an innovation pipeline that lacks guardrails, architectural clarity, and secure defaults. The symptom becomes the scorecard, and the root cause remains untouched, often under a guise of promoting freedom. Security teams often find themselves in a perpetual treadmill of “forever f...

White Paper II: Passive vs. Active IPv6 Scanning in Enterprise Reconnaissance Architectures

Abstract

The transition to IPv6 introduces both opportunities and complications for network discovery, drastically altering the assumptions that underlie reconnaissance tools designed for IPv4. The IPv4 era normalized active scanning as the default discovery mechanism. Tools performed linear or parallelized sweeps across small address spaces, used predictable ARP behavior to observe hosts regardless of activity, and leveraged ICMP or TCP handshakes to validate the existence of endpoints. In contrast, IPv6’s massive address space renders blind active enumeration infeasible, while its reliance on multicast-driven Neighbor Discovery introduces alternative visibility pathways that do not require sending a single packet. As organizations modernize their networks and transition to IPv6-native services, defenders must rethink how to discover assets, track topology, and understand device behavior. This white paper contrasts passive and active IPv6 reconnaissance, articulating when each is viab...

White Paper I: Primer to Passive Discovery and Topology Inference in IPv6 Networks Using Neighbor Discovery Protocol

Introduction

IPv6 drastically reshapes the surface of network reconnaissance, replacing the narrow 32-bit address space and broadcast semantics of IPv4 with expansive subnets and a multicast-centric control architecture. In this new model, Neighbor Discovery Protocol (NDP), Multicast Listener Discovery (MLD), and ICMPv6 signaling collectively define how hosts announce their presence, interact with routers, form addresses, resolve local neighbors, and verify reachability. Although this model was engineered for efficiency and stateless configuration, its reliance on predictable multicast traffic introduces a rich layer of metadata that can be quietly harvested by a passive observer. This paper explores the extent to which NDP, and its associated control protocols, leaks meaningful information about a network’s hosts, topology, addressing structure, and operational state. It also outlines how these behaviors can be transformed into the foundation of a silent IPv6 reconnaissance system cap...

Leading Cybersecurity Engineering as a Former Engineer: Translating Technical Depth Into Enterprise Value

In large enterprises, cybersecurity leaders who come from engineering backgrounds have an increasingly critical role to play. They bring a systems-level way of thinking that naturally aligns with the complexities of cyber risk, operational scale, and organizational accountability. But the shift from being an engineer to leading an engineering organization, especially in cybersecurity, requires more than technical fluency. It requires the ability to translate deep technical insight into business outcomes, stakeholder trust, and internal platforms that solve problems the company doesn’t yet have language for. This is the journey many engineering-born leaders face: evolving from the person who understands how systems fail to the person who builds organizational mechanisms that prevent those failures at enterprise scale. Engineering leaders hold a structural advantage because they understand how theoretical security behaves under real-world pressures. They know how identity systems break...

Discovering IPv6 Assets in the Enterprise: A Modern Approach to Network Visibility

The transition from IPv4 to IPv6 brings a profound shift in how enterprise networks must approach asset discovery. Traditional scanning strategies, built on the assumption that address spaces are small and exhaustively enumerable, collapse under IPv6’s 2¹²⁸ address model. A single IPv6 /64 contains more possible interface identifiers than all IPv4 addresses combined, making any brute-force scanning technique effectively impossible. Yet the need to identify, classify, and monitor devices remains fundamental to security architecture. The challenge, then, becomes leveraging IPv6’s built-in control-plane behavior, multicast communication model, and operational infrastructure to surface active hosts without attempting wholesale enumeration. What emerges is a modern discovery strategy rooted not in raw address sweeping, but in intelligent protocol awareness, passive observation, and infrastructure integration. Unlike IPv4, IPv6 completely eliminates broadcast. Instead, the protocol relies h...

Leading Software Engineering Teams: Balancing Personalities, Outputs, and the Friction That Makes Innovation Possible

Software engineering is fundamentally a people discipline disguised as a technical one. Most teams don’t fail because of a lack of intelligence or tooling; they fail because the human system surrounding the codebase is misaligned. The friction points, different personalities, different problem-solving styles, different appetites for risk, and even quiet resentments that accumulate over sprints, are what determine velocity far more than any language or framework. A strong engineering leader’s role is not to eliminate these tensions, but to harness them productively. Diverse engineering approaches are assets, but only if the team has a shared process for debating ideas, evaluating trade-offs, and iterating together without devolving into ego protection or turf wars. This article outlines the key dynamics at play, provides a concrete use case illustrating how multiple valid technical approaches can create interpersonal friction, and offers actionable strategies for leaders to facilitate...

Quasiparticles in Traditional Fiber Networks: Applications, Benefits, and Experimental Pathways

Abstract

Traditional fiber-optic networks owned by large telecommunications providers offer a vast, already-deployed infrastructure for future quantum communication services. Recent advances in quasiparticle physics, in particular phonons, magnons, and hybrid photon-matter excitations, provide mechanisms for integrating quantum functionality into existing fiber plants rather than constructing bespoke quantum networks from scratch. This paper explores how quasiparticles can be leveraged in conventional telecom fiber environments, outlines the potential benefits for operators, and proposes both physical and mathematical experiments to evaluate feasibility. Particular attention is paid to phonon-mediated interactions such as stimulated Brillouin scattering in fibers, hybrid magnon-phonon-photon transducers at central offices, and telecom-band quasiparticle qubits that interface directly with DWDM systems.

1. Introduction

Telecommunications providers such as Comcast and Verizon operate...