Security as a craft

Security here means the hands-on kind: hardening systems, authenticating mail properly, cleaning up after attacks, and understanding how things actually get broken.

I hold a CISSP, but the posts in this section are not about frameworks or audits. They are about the concrete work: getting SPF, DKIM and DMARC right so legitimate mail is trusted and forgeries are not; hardening the services I run; recognising the patterns that malware and bots leave behind; and writing up incidents once they are resolved, so the lesson outlives the fire.

I keep these write-ups deliberately free of anything that would help an attacker: no live hostnames, no internal addresses, no configuration you could turn against a running system. The value is in the reasoning, not in a recipe for someone else's break-in.

Expect posts on mail security, hardening and incident analysis. If a post ever reads like a how-to for attacking something, I got it wrong and would want to hear about it.

Author:René Zingerle,CISSP,SSCP
Last Update: 08.07.2026