$ tail -f field-notes.log

Field notes.

Plain-language writing on security, software, and AI — the things we tell clients, published for everyone.

FIG. 01 — LATEST ENTRIES
2026-05-25

A Zero Trust rollout plan for organizations with no CISO

What a real Zero Trust rollout looks like for a 25–250 person organization without a dedicated security leader — what to ship in the first 30 days, the mistakes that delay it, and how to measure success.

SECURITY
// draft

What an AI security audit actually covers (and what it doesn't)

Prompt-injection scope, agent-to-tool privilege boundaries, and the line between an AI red-team and a pen test.

AI
// draft

Executive identity hardening: a 30-day program for principals

Identity audit, data-broker removal, account hardening, and the monitoring discipline that catches the next intrusion attempt.

SECURITY
// draft

Custom POS vs. Square vs. Shopify POS: when to build your own

The honest build-vs-buy decision for retail and hospitality operators — with the per-transaction math that flips it.

BUILDING
$ llab talk --confidential_

Rather talk it through than read about it?

It starts with a private, no-pressure conversation. We'll tell you honestly if we're not the right team for it.

BOOK AN INTRO CALL →