SecOps engineer building detection playbooks for Azure security teams. Production-tested KQL, investigation procedures, and response workflows. No theory just detections that work. More at theadversarylab.com