Blog Archive

Sections

• Foundation (Core Philosophy)
• Implementation Framework
• Leadership & Strategy
• Specialized Applications
• Practical Tools & Methods
• Survivability Engineering
• Advanced Concepts
• Brutalist Security Team
• Questions From Readers
• Brutalist Security Rules
• The Rest

Reflections

• Zen
• Philosophical Musings
• Lines in the Sand: A Security Brutalism Story

Foundation (Core Philosophy)

• 2025-05-04 Form Follows Function. Security Follows Form.
• 2025-05-14 What Is Security Brutalism?
• 2025-05-14 Security Brutalism Presentations
• 2025-05-20 Security Brutalism Fundamental Controls
• 2025-05-25 The 7 Cs of Security Brutalism
• 2025-05-30 Entropy Always Collects Its Debt
• 2025-06-01 What You Cannot Simplify, You Must Contain. What You Cannot Contain, You Must Kill.
• 2025-06-02 The (Unfluffed) Laws of Security Brutalism
• 2025-06-09 The Doctrine of Security Brutalism
• 2025-08-01 The Ethos of Security Brutalism
• 2025-08-01 Security Brutalism Truths
• 2025-08-31 Security Brutalism Presentation: Doctrine Not Tools
• 2025-09-09 The Laws of Security
• 2025-10-12 What is Security Brutalism? Here's a 6-minute Video
• 2025-11-27 Security Brutalism meets the World of AI
• 2025-12-17 Security Brutalism and Resilience
• 2026-01-10 Threat Modeling and Brutalist Security Practices
• 2026-01-22 Simplicity As A Security Discipline
• 2026-02-01 Security Brutalist Guide
• 2026-03-06 Security Is What Survives Contact With Reality

Implementation Framework

• 2025-04-24 Security Brutalism Risk Method
• 2025-05-15 Building A Brutalist Security Program: A Complete Guide
• 2025-05-28 Brutalist Threat Modeling
• 2025-06-03 The Security Brutalist’s Guide to Basic Security Hygiene
• 2025-07-15 The Brutalist Guide to Defining Your Security Posture in 5 Sentences or Less
• 2025-10-25 Scaling Brutalism: How Small Security Teams Scale Like Startups
• 2026-01-13 Top 10 Basic Must-Have Security Controls for Startups
• 2026-02-09 Security Brutalism Risk Method v2

Leadership & Strategy

• 2025-05-02 Brutalist Security Meets Team of Teams: Introduction
• 2025-05-03 Brutalist Security Meets Team of Teams: Implementation Guide
• 2025-05-11 The Brutalist Way of Security
• 2025-05-23 Security Brutalism: A CISO's Guide to Operational Clarity
• 2025-05-25 The Economics of Brutalist Security: Why Simple Beats Sophisticated
• 2025-06-01 Digging Through Digital Ruins: The Problem of Security Archaeology
• 2025-06-09 The Brutalist Guide to Leading Security Beyond Security
• 2025-06-14 Brutalist Security: Five Principles for Executives
• 2025-08-21 Purpose or Attack Surface
• 2025-08-28 The Inevitable Trio: Why Every Security Incident Boils Down to Malicious, Mistakes, or Malfunctions
• 2025-10-16 Your Perimeter Extends Beyond Your Walls

Specialized Applications

• 2025-04-21 A Brutalist Approach to Identity and Access Management
• 2025-04-25 Brutalist Application Security
• 2025-05-20 Brutalist Security Guide: IaC, CI/CD, and Cloud Provisioning
• 2025-06-05 The Brutalist Vendor Security and Risk Management
• 2025-09-04 Security Brutalism and Privacy: A Unified Approach, Part 1
• 2025-10-21 Security Brutalism and Privacy: A Unified Approach, Part 2
• 2025-11-10 Security Brutalism and Privacy: A Unified Approach, Part 3

Practical Tools & Methods

• 2025-04-18 Security Brutalism Metrics
• 2025-04-26 A Security Brutalist Guide to Documentation
• 2025-07-11 Brutalist Security Rapid Decision Making
• 2025-07-15 Collapse the Chaos: The Brutalist Guide to Simplifying Security Communication Channels

Survivability Engineering

• 2026-03-05 Survivability Engineering, Part 1: Risk Assessment
• 2026-03-17 Survivability Engineering, Part 2: How To Talk About Security Risk
• 2026-03-19 Survivability Engineering, Part 3: AI and the New Tech
• 2026-03-21 Survivability Engineering, Part 4: Threat Modeling with Reality
• 2026-03-24 Survivability Engineering, Part 5: Chaos and Red Teaming
• 2026-03-26 Survivability Engineering, Part 6: Surviving Reality
• 2026-04-06 Security Brutalism Under Real Conditions, Part 1: Introduction
• 2026-04-07 Security Brutalism Under Real Conditions, Part 2: The Framework
• 2026-04-08 Security Brutalism Under Real Conditions, Part 3: Knowing What You Have
• 2026-04-09 Security Brutalism Under Real Conditions, Part 4: Building the Program
• 2026-04-27 Security Brutalism Under Real Conditions, Part 4.5: Scoping Confidence
• 2026-04-10 Security Brutalism Under Real Conditions, Part 5: The Active Layer and Agents
• 2026-04-10 Security Brutalism Under Real Conditions, Part 6: Starting from Zero
• 2026-04-11 Security Brutalism Under Real Conditions, Part 7: Where This Goes Next
• 2026-04-11 Security Brutalism Under Real Conditions: Building the Consequence Map
• 2026-04-28 Applying Security Brutalism, A Playbook for Leadership and Practitioners. Part 1: For Security and IT Leadership
• 2026-04-28 Applying Security Brutalism, A Playbook for Leadership and Practitioners. Part 2: For Security Architects and Engineers

Advanced Concepts

• 2025-04-16 A Brutalist Approach to Security Teams
• 2025-04-19 Security Brutalism and the Adversarial Mindset
• 2025-04-24 Security Brutalism and VUCA
• 2025-04-26 Brutalist Security Architecture
• 2025-11-23 Security Renaissance: The Time Is Now

Brutalist Security Team

• 2026-03-01 Security Brutalism: Four Roles In A Team
• 2026-03-01 Security Engineer: From Ticket Taker to Ruthless Simplifier
• 2026-03-01 Security Architect: From Frameworks to Foundations
• 2026-03-02 Incident Responder / SOC Engineer: From Alert Volume to Fast Contact
• 2026-03-02 Security Team Manager: From Program Optics to Survivability

Questions From Readers

• 2025-05-14 What Is Security Brutalism?
• 2025-06-09 Minimalist Brutalist Security Program
• 2025-06-30 Identify and Eliminate Unnecessary Security Layers
• 2025-07-04 Implement Security Brutalist Controls
• 2025-07-13 Security Brutalism: Reducing Complexity
• 2025-07-14 Security Brutalism Approach to Securing a CI/CD Platform
• 2025-08-10 Security Brutalist Principles
• 2025-08-30 Long-term Benefits of Adopting Security Brutalism for Teams
• 2025-09-12 Perfect Plans vs Real Programs
• 2025-09-07 Minimal and Realistic Application of Security Brutalism

Brutalist Security Rules

• 2025-05-09 Rule 6 to 12: The Brutalist Loop
• 2025-05-09 Rule 5: Operate With Constraint
• 2025-05-09 Rule 4: Principles Over Products
• 2025-05-09 Rule 3: Simplicity Is Strength
• 2025-05-09 Rule 2: Objective-Driven Defense
• 2025-05-09 Rule 1: The Threat Is Real
• 2025-05-09 Brutalist Security Rules

The Rest

• 2025-03-23 The Security Brutalist’s Mindset
• 2025-04-30 The Security Brutalist Desktop Backgrounds
• 2025-05-05 Beyond the Fluff: Security Stripped Bare
• 2025-05-05 The Stoic Security Brutalist
• 2025-05-22 The Brutalist Grid: A Cyberpunk Story
• 2025-05-25 Tshirts to support the site
• 2025-06-15 The Pillars of Aethel: A Security Brutalist Story
• 2025-07-26 Security Brutalism: A Comparative Analysis with Foundational Cybersecurity Principles and Frameworks - A Paper
• 2025-12-29 Focus on the Fundamentals
• 2026-01-21 The Discipline of Reality
• 2026-02-13 New Tshirts to support the site