AI, Business

Why Claude’s Code Security Offering Doesn’t Replace Real SMB Cybersecurity

There’s been a lot of noise lately about AI (specifically Claude Code Security) replacing large chunks of cybersecurity.

Let’s slow down and separate what AI is actually good at from what actually keeps small and mid-sized businesses safe.

AI tools that scan code?
Impressive.

AI that reads configs and flags obvious misconfigurations?
Useful.

AI that can reason over static artifacts and suggest fixes?
Absolutely real progress.

But here’s the uncomfortable truth: most SMBs are not losing sleep over static code scanning.

They’re losing sleep over this:

  • “Why did our Microsoft 365 tenant just send 8,000 phishing emails?”
  • “Why is our bookkeeper’s laptop beaconing to an IP in Eastern Europe?”
  • “Why did our backup silently fail for 12 days?”
  • “Why did we pass compliance last quarter and now suddenly we don’t?”

That’s where EspressoLabs lives.

LLMs are extraordinary pattern recognizers.
They are very good at analyzing text, code, logs — when you give them the data in a clean, structured way. But SMB security isn’t clean. It’s messy, inconsistent, human, political, and operational.

EspressoLabs provides value in places LLMs simply cannot operate — at least not yet:

Business, webdev

Stay Ahead of Cyber Threats with CISA Advisory Monitor

Here’s a boring truth:
The Cybersecurity and Infrastructure Security Agency (CISA) publishes critical cybersecurity advisories.

Here’s a less comfortable truth:
Most teams never check them.

CISA maintains the Known Exploited Vulnerabilities (KEV) catalog. These are not “theoretical risk under certain lab conditions” bugs. These are vulnerabilities attackers are actively exploiting in the wild, right now, against real systems.

When something lands in KEV, it’s not a polite suggestion. It’s a flare in the sky that says: patch this, or prepare for visitors.

And yet—no one wakes up thinking, “Before coffee, let me refresh a federal website.”

We’re building product.
We’re shipping features.
We’re arguing in Slack.
We’re trying to remember where that one Terraform variable is defined.

So I built a bot that does the refreshing for us.

Business

CMMC Compliance: Why It Matters for Your Business

It’s not easy early in the morning… but let’s talk about CMMC.

If you work with the Department of Defense—or want to—you’ve probably had one of these moments:

  • “Wait, we need how many controls?”
  • “Is this just NIST 800-171 with extra paperwork?”
  • “Can’t we just say we’re secure?”

Short answer: no.
Long answer: definitely no.

What CMMC Really Is (Without the Buzzwords)

CMMC (Cybersecurity Maturity Model Certification) is the DoD’s way of saying:

“If you want access to our contracts, prove you can protect Controlled Unclassified Information (CUI).”

It formalizes what many companies should have been doing already:

  • Enforcing strong access controls
  • Logging and monitoring activity
  • Managing vulnerabilities
  • Hardening endpoints
  • Applying real security policies (not just a PDF in SharePoint)

In other words: operational cybersecurity, not theoretical cybersecurity.

life, Sport

Optimize Your Murph Challenge Experience with This Tracker

The Murph Challenge isn’t a workout.
It’s a systems failure conducted at heart-rate redline.

If you’ve ever tried to remember whether you’re on rep 183 or 193 of squats while your lungs are filing a formal complaint, you already know: human memory is not a reliable datastore under load.

So I built a Murph tracker that does exactly one job well—count reps—while I focus on the important things, like not dying.

🎖️ What is Murph (and why people keep doing it)

The Murph Challenge is performed on Memorial Day to honor Lt. Michael P. Murphy, a Navy SEAL killed in Afghanistan in 2005.

It was his favorite workout. Originally named “Body Armor”, which feels accurate in the same way “production incident” feels accurate.

The canonical version:

  • 1 mile run
  • 100 pull-ups
  • 200 push-ups
  • 300 squats
  • 1 mile run

Optional difficulty modifier: wear a 20 lb vest and rethink your life choices.

AI, Chrome, webdev

Transforming Recipe Chaos with SeasonApp

Some projects start with ambition.

This one started with annoyance.

I was tired of juggling recipes across bookmarks, screenshots, messages, and the occasional scribble in a notes app.
A normal person would’ve organized things.
I opened Cursor.

The plan was simple: a quick weekend hack.
Nothing serious. Just a tiny tool to help me stop losing recipes.

But then it worked. And I liked using it.
Then I showed it to a couple of friends.
Then my family started using it.
Then those friends shared it with their friends.

That’s when the “weekend hack” quietly transformed into SeasonApp—a small but mighty full-stack platform for cooking, powered by AI and built to remove friction from the kitchen.


Why SeasonApp Exists

If you cook regularly, your digital life eventually turns into a disorganized pantry. Tabs everywhere. Screenshots mixed with flight confirmations. Recipe blogs where you scroll past a childhood memoir before finding the ingredient list. And once you finally want to cook something, you can’t find the right recipe—or you’re missing one ingredient and the whole plan collapses.

SeasonApp brings order to that chaos.

It gives recipes a home.
It helps you create new ones.
And it actually understands what you want to do with whatever’s in your fridge.

The more people around me used it, the more obvious the need felt.
Everyone had the same pain; they just tolerated it.
SeasonApp gives them a better way.

Business

Protect Your Digital Life: 3 Key Security Habits

We imagine hackers as trench-coat wizards hammering keyboards while green code rains down the screen.
Reality is less Matrix and more lazy cat burglar.

They don’t “hack in.”

They log in, using the same password you used for LinkedIn in 2014 and also for your Gmail, bank, gym, YMCA portal, and that meditation app you opened (only) once.

Let’s fix that.
It’s not hard but it’s important.

AI

Gemini 3: Your New AI Coding Assistant

Every developer has that moment where they stare at the screen and wish for a magic wand.
Something that can unscramble a legacy codebase, sketch a UI without endless Figma tabs, or summarize a 300-page API doc that reads like… and create some good tests out of nothing.

Google just dropped something dangerously close.

Gemini 3 isn’t another “slightly better benchmark” release. It’s a real step forward—especially for people who build things for a living.

Here’s where it gets interesting:

AI, webdev

8 Top Tips to Actually Use Cursor (Without Setting Your Wallet on Fire)

If you’ve been coding anytime in the past year, you’ve probably heard the buzz about Cursor — the AI-powered IDE that promises to write your code, clean your code, and maybe even refactor your soul.

It’s built on top of VS Code, so it feels instantly familiar.
But the moment you hit that shiny AI shortcut, you realize: this thing is smarter than your codebase and hungrier than your wallet.

After a few months of using Cursor — and after accidentally vaporizing a scandalous number of API tokens — I’ve learned how to stay productive and solvent.
And yes, the TL;DR is that you can still combine Cursor with Ollama + local models to get many of these benefits for free.
Here are my 8 hard-earned tips to make Cursor your loyal sidekick within the limits of your budget.

The #1 tip: Control context scope aggressively – This is the biggest win

Cursor auto-includes files, diffs, and history—this explodes token usage.

Do this:

  • Manually select only the exact files/functions needed
  • Avoid “entire repo” context unless absolutely required
  • Use @file and @selection instead of implicit context
  • Clear chat or start a new thread when switching tasks

Why it matters:
Token cost scales with every line in context, not just your prompt.

Below are a few more tips:

Chrome, JavaScript, webdev

Building a Real-Time Pull-Up Tracker: How I Taught The Browser to Count Our Pain

It started as a simple idea my son brought up: Can we make a web app that counts our pull-ups during our pull-up games?

Turns out, teaching a machine to recognize human suffering is both hilarious and complicated.
What began as a “let’s make a quick pull-ups app” spiraled into an intense journey through computer vision, browser quirks, and a few accidental infinite loops that made our laptop sound like a jet engine.

The “Simple” Goal

I wanted to automatically count pull-ups using a web camera.

Easy, right?

Just detect a human, see when they go up and down, and count.

Business, life

Nine Mental Models to Stop You from Making Dumb Decisions

We all think we’re rational.

We’re not.

Most of the time, most people are just apes with phones making pattern-matching errors at scale. If you aren’t sure, just look around.

Shane Parrish’s The Great Mental Models is an antidote — a toolkit for thinking clearly and making fewer stupid decisions. Hopefully.

Btw, I wrote about it in the past as I ‘took’ ideas from the great Charlie Munger:

Below are nine models I keep coming back to, rephrased for the real world (and with fewer academic eyebrows raised).
