Infrastructure lessons, SSRF and metadata exposure, and the security shape of modern platforms.
I came up through racking servers, hypervisor migrations, and identity provisioning. The lesson that work taught me, and that I keep applying to AI in 2026, is that you cannot make good security calls from one set of binoculars.
Why 169.254.169.254 is the most-attacked IP on the internet. URL-bypass analyzer (decimal, hex, octal, alias hostnames), the five canonical SSRF targets, and the four hardening layers that actually contain blast radius.