About The Security Brutalist Blog
I’ve been in the security field for over 20 years, working across nearly every aspect of it. In the past decade, I’ve seen a surge of vendors pushing unnecessary "solutions", many claiming to solve problems we didn’t even know we had. Meanwhile, regulations continue to pile on new requirements, only adding to the complexity. This has made it difficult for security professionals to prioritize what actually needs attention, especially when it comes to identifying the real gaps and issues that need fixing.
We’re facing a growing need for resources, yet budgets keep shrinking. Alerts are flooding our monitoring systems, but we have no clear understanding of their root causes. New controls are being implemented, but they often fail when put to the test.
This is the reason behind Security Brutalism. It's a return to a no-nonsense, transparent, and robust approach to security, prioritizing effectiveness, simplicity, clarity, and resilience over superficial aesthetics. Security Brutalism rejects overly complex or hidden mechanisms in favor of simple, explicit policies that are easy to understand and hard to ignore. This methodology is unapologetically direct, favoring security that is visible, enforceable, and resilient across diverse environments.
The Security Brutalist Blog helps bring awareness to a simpler security style, one that focuses on core fundamentals and clear reasoning, which strengthens security culture and defense. Alongside the Security Brutalism website, it aims to simplify security by emphasizing basic controls and processes to reduce industry complexity.
If you need to contact me, please send a message to info @ this domain. If you're interested in implementing the Security Brutalism principles in your organization, check out Black Arrows.
Please consider supporting the site. Get a T-shirt.
Disclaimer
The views and opinions expressed on this blog are solely my own and do not reflect the official positions or endorsements of any current or former employers, teams, clients, or affiliated organizations.
All content, including information and suggestions, is provided "as is" without any warranties or guarantees of any kind. By using or applying any material from this site, you acknowledge that you do so at your own risk. I accept no responsibility or liability for any issues that may arise, including but not limited to malfunctions, damage, or security breaches.
You are solely responsible for any actions you take based on the content presented here. If you do not agree with these terms, please refrain from using or referencing this website.
Privacy
This site does not collect personal information, track user activity, or require the submission of any data.
