Applied AI for Security & Engineering
A collection of posts on applying AI and LLMs to real security and engineering work: building AI tools, automating operations, and rethinking everyday workflows.
This is the high-level outline of the different sections:
How to make your content interactive by building a conversational knowledge base. A practical walkthrough using CloudSecList, LLMs, and Cloudflare Workers.
- AI - RAG Pipeline
- AI - Query & Retrieval
- Website (Static Hosting)
- Deployment (CI/CD)
- Security Guardrails
Tested three approaches to automating security questionnaires with AI: expensive SaaS vendors, custom RAG solutions, and direct LLM use. Skip the vendors and try these alternatives instead.
- [Option 1] SaaS Vendors: the quick and (not so) easy option
- [Option 2] Build your own RAG
- [Option 3] Just use ChatGPT/Claude
- Conclusions
A walkthrough of my Claude Code setup across a multi-project monorepo: global settings, safety guardrails, a context/plan/code workflow, subagents and plugins, and the StarCraft-themed customisations that make the terminal feel like mine.
- Global Settings
- Guardrails
- Development Workflow
- Agents
- Skills
- Plugins
- Remote Control
- Customisation
I redesigned the CloudSecList landing page using Claude Design and Claude Code. The interesting part of the workflow was what didn't get automated.
- Phase 1: Getting a mockup
- Phase 2: From mockup to code
- Phase 3: What about the rest of the website?
- What didn't get faster
- Conclusions
A Claude Code Routine that triages every Renovate PR by risk, flags dead deps, and catches deprecated framework configs before I touch the diff.
- The Renovate Setup
- The Claude Skill
- The Claude Code Routine
- Putting It to Work