IT & Security Professional
Joe Thompson
Cloud Security · Architecture · Risk Advisory
I'm building toward cloud security architecture and executive advisory work, translating attacker knowledge into the design decisions that actually reduce organizational risk. My background spans fifteen years in TV production and business ownership into enterprise IT and security, and that range shapes how I communicate: I can work across technical depth and executive language in the same conversation.
The offensive background informs how I think about architecture. You design better controls when you understand what they are actually up against. I'm also developing a focused point of view on AI security as an attack surface: RAG poisoning, adversarial inputs, non-human identity, and agent governance. These are areas where most enterprise governance frameworks are still catching up to the technology.
-
AI Threat Intel Agent — Part 2: Stack Awareness
Teaching DANEEL what's actually installed. Part 2 adds automated Mac inventory collection, version-aware CVE matching, zero-day detection, and smart email logic that only fires when there is something actionable.
-
AI Threat Intel Agent — Part 1: Building DANEEL
Building DANEEL: a self-hosted threat intelligence agent that pulls daily CVE data from NVD, cross-references CISA's known-exploited catalog, reasons over the results with a local LLM, and delivers a written briefing by email every morning. Deployed on a dedicated Proxmox LXC on a daily cron schedule.
-
Endpoint Security Lab: Wazuh + Intune
Built a two-layer endpoint security environment on a Proxmox homelab — Wazuh SIEM for detection and visibility, Microsoft Intune for compliance enforcement. A fresh Windows 11 VM scored 26% on CIS benchmarks out of the box.
-
Archwarden — Security Portfolio Site
A self-built security portfolio site for writeups, methodology docs, and project work — designed to be accessible to people learning the field, not just to impress other hackers.
Featured
-
From Hollywood to Hacker
What Fifteen Years in TV Taught Me About Penetration Testing
The skills that made me good at producing television turn out to be the same ones that matter in security work. The tools are different. The job is surprisingly similar.
Recent Posts
-
14 Flags
What It Actually Takes to Pass the CPTS Exam
An honest account of the Hack The Box CPTS exam: what the experience is really like, what preparation actually matters, and what I took away from passing with 14 of 14 flags.
