Writing
Essays on SRE, security, applied AI, and network diagnostics.
latest
What you see vs. what the browser does: adding real-render diffs
Raw fetches tell you what a server sent. A headless browser tells you what actually ran. Here is why netrecon's change-detection needed both — and the rate-limit trick that makes it work on a free tier.
More posts
- Securing and monitoring an MCP server in production MCP turns a chat UI into a system that can take actions on your behalf. That changes the security and observability story. Here is the stack I run for netrecon.
- Writing a diagnostic LLM that doesn't lie How netrecon keeps an LLM-narrated diff grounded: schema-bound outputs, no snapshots in the prompt, and citation whitelisting that silently drops hallucinated field names.
- Why raw lookup tools are not enough for SRE workflows Commodity DNS/IP lookup sites optimize for the wrong problem. Here is what engineers actually need from a diagnostics tool.
- Applied AI for infra teams: patterns that actually work LLMs are good at narrow, read-only, well-evaluated tool calls. They are bad at long autonomous loops in production. Here is the shape of the systems that actually hold up.
- How to investigate a misconfigured domain A short, opinionated playbook for the first 5 minutes of a 'the site is acting weird' incident.
- DNS is still the attack surface everyone forgets Subdomain takeovers, dangling CNAMEs, NS hijacks, and DMARC spoofing are not exotic. They are this quarter's incident. Here is what to actually check.
- SLOs that survive contact with reality Most SLO dashboards lie because they measure the wrong thing. The fix is cheaper than you think, and it is not another vendor.
- MCP for SRE: giving agents real tools, safely Model Context Protocol is the right primitive for on-call agents. It is also a footgun if you expose write tools without thinking. Here is a safer default.
- Where the edge actually lives in 2026 Cloudflare Workers, Fastly Compute, Vercel Edge, Deno Deploy, Lambda@Edge. They are not interchangeable. Here is what each one lets you measure, and what each one hides.