BadAshWednesdays
Weekly log: pivoting from manual SASE ops to agentic AI security workflows. Real builds, real failures, real lessons.
Week 7 — There Is No Stack
The hardest part of Panorama → Strata Cloud Manager migration isn't the technical work. It's explaining that something the customer has relied on for 10 years doesn't exist in the destination.
Week 6 — EU AI Act: 112 Days, €35M Fines, and the Math Doesn't Work
August 2, 2026. Article 15 requires adversarial testing evidence for high-risk AI. TÜV SÜD charges €150K and takes 6-18 months. Most vendors have neither.
Week 5 — MCP Security: The Protocol That Ate Everything (And Nobody's Watching It)
97M monthly downloads, CVE-2025-6514 at CVSS 9.6, 72% tool poisoning success rate, a supply chain attack that silently BCC'd emails for months — and zero behavioral monitoring products exist.
Week 4 — I Turned My AI Security Scanner Into an Enterprise API
A UI-only scanner is a demo. A REST API is a product. This week I ripped out 400 lines of TypeScript and replaced it with a FastAPI service that any CI/CD pipeline can call.
Week 3 — I Built a SOC for My Pool
250k BTU gas heater, $300 monthly bills, and a RTL-SDR sniffing Southwest Gas at 915MHz. This is the Pool SOC — Strata Pool Manager.
Week 2 — Semantic Detection vs. Regex: Why Pattern Matching Isn't Enough
How all-MiniLM-L6-v2 catches injection attacks that bypass keyword filters, and why the detection threshold matters more than the model.
Week 1 — Why I'm Betting on Agentic AI Security
First entry in the pivot series. Why SASE consulting is merging with AI security, what I'm building, and where this is going.