I’m Max, a security engineer with 12+ years. I write about building secure systems, trading infrastructure, and homelab setups β always with real code and real tradeoffs.
This page is your roadmap. Pick a learning path below, start with the pillar guide, then work through the posts in order.
πΊοΈ Choose Your Learning Path
π Security Engineering
Start here β The Complete Kubernetes Security Guide
Then work through these in order:
- Pod Security Standards β Enforce least-privilege at the pod level
- Secrets Management in Kubernetes β Seal, rotate, and audit secrets
- Docker Security Best Practices β Harden images and runtime
- Supply Chain Security β SBOMs, signing, and provenance
- Terraform Security Best Practices β Secure IaC from plan to apply
- GitHub Actions Security β Lock down CI/CD pipelines
- Zero Trust Architecture β Network security beyond the perimeter
π‘οΈ DevSecOps
Start here β The Complete DevSecOps Guide
Then dive deeper:
- GitHub Actions Security β Hardening your CI/CD workflows
- Terraform Security β Policy-as-code and drift detection
- Supply Chain Security β Dependency scanning and SBOM generation
- Docker Security β Build and runtime hardening
- CVE Deep Dives β Analyzing real-world vulnerabilities
π Homelab Infrastructure
Start here β The Homelab Security Guide
Then build out your lab:
- TrueNAS Setup Guide β Storage foundation for your homelab
- OPNsense Network Segmentation β VLANs and firewall rules
- Secure Remote Access β VPN and tunnels done right
- Wazuh & Suricata β SIEM and IDS for your network
- Backup & Recovery β The 3-2-1 strategy in practice
- UPS & Battery Backup β Protect against power failures
- Running Ollama Local LLM β Self-hosted AI on your own hardware
π Algorithmic Trading & Finance
Start here β The Algorithmic Trading Engineering Guide
Then explore the strategies:
- Options Strategies β Spreads, straddles, and risk-defined trades
- RSI, Ichimoku & Stochastic β Technical indicators that actually work
- Risk Management β Position sizing and drawdown control
- Insider Trading Detector β Anomaly detection on SEC Form 4 data
- SEC Filings API β Programmatic access to EDGAR data
Also explore β The Pre-IPO Investing Guide β Valuations, due diligence, and secondary markets
π§ Developer Tools & Productivity
Start here β The Developer Tools & Productivity Guide
Tools I’ve built or written about:
- Claude Code Review β AI-assisted code review workflows
- Git Worktrees β Parallel development without branch switching
- QuickShrink β Image compression tool
- PixelStrip β Background removal tool
- TypeFast β Typing speed trainer
- JSON Forge β JSON formatting and validation
- HashForge β Hash generation utility
- RegexLab β Interactive regex tester
β Most Popular Posts
Not sure where to start? These are the most-read posts on the blog:
- The Complete Kubernetes Security Guide β The definitive guide to securing K8s clusters
- Vibe Coding Security β What happens when AI writes your code and nobody reviews it
- The Homelab Security Guide β Enterprise-grade security for your home network
- Self-Hosted GitOps β Running your own Git infrastructure with CI/CD
- Algorithmic Trading Engineering Guide β Building trading systems that don’t lose money
- Claude Code Leak Analysis β Deep dive into the leaked system prompt
π About Me
I’m Max L β a security engineer with 12+ years of experience, building production systems at Big Tech scale. I write here because I believe security knowledge shouldn’t be locked behind enterprise paywalls. Every post includes real configs, real code, and real tradeoffs.
Have a question or suggestion? Reach out via the About page.