All Series
Infrastructure security and platform engineering — practitioner-written, practitioner-depth.
Each series is a complete curriculum: a structured sequence of posts that builds understanding from first principles to production-grade depth. Not a collection of loosely related articles.
Active
eBPF: From Kernel to Cloud
How Cilium, Falco, and Tetragon actually work at the kernel level. For SREs, platform engineers, and security practitioners running Kubernetes who want to understand what eBPF-based tools are doing — not just how to deploy them.
7 of 18 episodes published · Active, weekly Tuesdays
Cloud IAM: From Zero to Master
AWS, GCP, and Azure access control from first principles to privilege escalation defense and Zero Trust architecture. Covers the deny-by-default model, cross-cloud IAM patterns, federation, and the attack paths through IAM that security teams need to know before an attacker finds them.
12 of 12 episodes published · Complete
The Identity Stack: From LDAP to Zero Trust
Enterprise authentication from the ground up: how LDAP was invented, how Kerberos works, what SSSD actually does on every Linux login, Active Directory internals, SAML and OIDC, and how to log into a Linux VM with Entra ID credentials. For Linux administrators and infrastructure practitioners who have used these tools but never had the full picture explained.
1 of 13 episodes published · Active
OS Hardening as Code
Declarative OS hardening: declare your Linux security baseline in YAML, build it reproducibly across any cloud provider, get an automated compliance grade before deployment, and block unhardened images from reaching production. Built around Stratum, an open-core (Apache 2.0) hardening platform.
2 of 6 episodes published · Active
Get new episodes in your inbox → linuxcent.com/subscribe