I'm Aaron Thummel, a Kansas City-based cybersecurity professional with over 20 years in IT and security, including 6+ years living and breathing security operations. I specialize in threat detection, incident response, and digital forensics, and I've had the privilege of building and leading security teams across some great organizations — from the University of Kansas Health System to Cribl, where I recently spent time as a Senior Security Analyst focused on SOC maturity, cloud security, and automation and AI maturity. I hold a Bachelor's and Master of Science in Cybersecurity & Information Assurance and carry both my GCIH and GCFA certifications, though I'm probably most proud of the fact that I still genuinely love this field after two decades.
Outside of hunting threats and leading incident response, I'm passionate about the craft itself — building logging and detection pipelines, automating the tedious stuff, and digging into forensic artifacts the way most people dig into a plate of burnt ends. This blog is my space to share what I'm learning, what I'm building, and what's keeping me up at night (professionally speaking). If you're into blue team defense, DFIR, or just want to talk BBQ and bytes, you're in the right place.
Outside of work, I love cornhole, axe throwing, and being with friends. I have recently gotten back into shooting guns, and I'm trying to keep up with my daughter and her love of competitive volleyball.