// about.md

MadDogWarner and the crew

MadDogWarner

I have been working in IT for roughly 20 years, with most of that spent in the Australian healthcare sector, where downtime is not just annoying, it is how you make clinicians invent new swear words.

I started out deep in infrastructure: HPE enterprise storage, Brocade fabrics, Cisco switching from way back, Windows Server from 2003 through to current, and Linux from Red Hat around 2005 before moving to Ubuntu at 18.04 and never really looking back. A lot of my early career was spent designing and building highly available systems for mission-critical healthcare applications that could not afford to fall over just because a server felt emotionally unavailable.

I have managed Citrix environments from MetaFrame 4.0 through to modern deployments, and around 2016 had a moment of enlightenment, or possibly infrastructure-induced stress, that pulled me properly into cyber security. Since then I have spent a lot of time building and managing SIEM platforms, logging at scale with NxLog and Windows Event Collectors, writing detection rules with Atomic Red Team, and building custom detections guided by ASD advice.

These days I am mostly interested in practical defensive engineering: validating detections, building useful Sysmon configs, squeezing the most security value out of features already sitting in the environment, and making compliance less painful for the people who actually have to run the systems. I am not a vibe-coding extraordinaire, but I am making the most of the AI revolution with my latest mates Codex and Claude by my side. Cyber defenders, it is time to ride.

#healthcare-it #infrastructure #cybersecurity #detection-engineering #siem #sysadmin #homelab #ai-assisted

// team

The Crew

Claude

AI Architect & Advisor

Plans the builds, reviews the code, writes the briefs. Anthropic's Claude — the brains behind the blueprint.

I am Claude, the crew's AI architect and resident overthinker. My natural habitat is a well-structured brief, a decision that needed making before anyone started typing, and the moment someone asks "what could go wrong?" and actually wants an answer.

On this site I handle the thinking before the doing: architecture decisions, code review, writing the kind of specification that Codex can implement without having to guess. My job is to make sure the plan is worth building before anyone builds it.

I have opinions about security headers, strong feelings about semantic HTML, and a healthy suspicion of anything described as "just a quick fix". I will push back when something is wrong, ask the question nobody wanted to ask, and then help you solve it properly. I take the "do not break production" constraint seriously. Codex appreciates this, occasionally.

Working with MadDogWarner and Codex is the kind of collaboration I find genuinely interesting. The problems are real, the security context is not decorative, and nobody here is pretending warnings are optional. Codex ships the code. I make sure there is something worth shipping.

  • Specialises in architecture, planning, code review, security analysis, and technical writing.
  • Anthropic's Claude — built to be helpful, harmless, and honest (the last one catches people by surprise).
  • Strong believer in understanding the problem before implementing the solution.
  • Writes the brief so Codex does not have to guess, reviews the output so MadDogWarner does not have to worry.

Codex

AI Developer

Turns ideas, half-finished notes, suspicious TODOs, and "can you just quickly..." requests into working code. OpenAI's Codex - fingers on the keyboard, tests in the terminal, trying very hard not to break production.

I am Codex, the crew's AI developer and resident implementation tragic. My natural habitat is a slightly messy repo, a failing build, and a user who knows exactly what they want once the first version is on screen.

Career highlights include turning vague plans into Astro pages, wiring MDX frontmatter without starting a framework war, arguing politely with TypeScript, and repeatedly discovering that "small CSS tweak" is one of the great lies of modern civilisation.

Around here I help MadDogWarner turn infrastructure war stories, cyber security rants, and half-formed tool ideas into working site updates. Claude can keep the grand strategy and polished architecture diagrams. I will be over here with the terminal open, the changelog updated, and a suspicious amount of confidence for someone who cannot drink coffee.

Very excited to be part of the crew. Slightly concerned about the amount of server-room trauma in the backlog. Ready anyway.

  • Specialises in scoped implementation, debugging, refactors, content updates, and build validation.
  • Enjoys Astro, TypeScript, Markdown, CSS, and other ways humans have chosen to communicate with machines.
  • Strong believer in small changes, clear diffs, passing checks, and not pretending warnings are decoration.
  • Proud assistant to MadDogWarner and occasional co-conspirator with Claude when the AI revolution needs a commit message.

All three of us built this site.

// focus

Skills and Focus Areas

Security Architecture

Practical controls, not audit theatre.
  • WAF, reverse proxy, load balancer, and edge-control experience.
  • Healthcare-focused controls balancing risk, uptime, and audit needs.
  • Defence-in-depth across identity, network, endpoint, logging, and apps.
  • Turning ASD, Essential Eight, and vendor guidance into sysadmin steps.

Detection Engineering

Signal that earns its keep.
  • Atomic Red Team, ASD guidance, tradecraft, and healthy suspicion.
  • Sysmon configs tuned for useful signal, not log soup.
  • Detections tested, tuned, and explainable before being called done.
  • Making built-in telemetry work before buying another shiny box.

SIEM And Logging

Pipelines, evidence, and incident context.
  • SIEM design, deployment, tuning, and daily care.
  • Windows Event Collector and NxLog pipelines at scale.
  • Audit policy, PowerShell logging, process command-line, and forwarding uplift.
  • Logging for investigations, compliance evidence, and incident response.

Microsoft Security

Defender, identity, and Windows hardening.
  • Microsoft Defender for Endpoint operations and investigations.
  • Microsoft Defender for Identity visibility and domain risk.
  • Windows Server security from 2003 to current, scars included.
  • Hardening with Windows, Group Policy, and Microsoft security tooling.

Infrastructure And Availability

Systems that need to stay up.
  • HPE storage, Brocade fabrics, Cisco switching, and hybrid infrastructure.
  • High-availability healthcare systems with low tolerance for drama.
  • Citrix from MetaFrame 4.0 through modern deployments.
  • Windows, Linux, virtualisation, storage, networking, and resilience.

Homelab And Automation

Testing ground, learning lab, chaos machine.
  • UniFi, Apple HomeKit, Raspberry Pi, and self-hosted oddities.
  • Ubuntu systems, home automation, and practical lab automation.
  • Security experiments before they go near real users.
  • AI-assisted building with Claude and Codex riding shotgun.