Build in Public

Engineering journal & technical writing.

Documenting the build process — from zero to enterprise-grade IAM and GRC infrastructure. Real problems, real solutions, real compliance evidence.

Featured

How I Built a 6-Project Identity Security Platform in 6 Weeks

Starting from a broken VirtualBox hypervisor conflict on RHEL 10, this is the full story of how the ReneeBuilds Identity & Compliance Platform came together — Keycloak, HashiCorp Vault, AWS SIEM, and AI-assisted GRC tooling mapped to 95+ compliance controls across PCI DSS, NIST 800-53, SOX, ISO 27001, and HIPAA.

Platform Coming soon ~15 min read
IAM Coming soon

Keycloak 26.x on RHEL 10 — What the Docs Don't Tell You

The python-keycloak 7.x breaking changes, why you must separate the auth realm from the target realm, and every workaround that saved this project.

~8 min read
PAM Coming soon

Replacing Root Tokens with AppRole — A Production Migration Pattern

How to migrate a HashiCorp Vault deployment from hardcoded root tokens to scoped AppRole machine identity without breaking existing Ansible automation.

~10 min read
GRC Coming soon

Mapping 51 Controls Across PCI DSS, SOX, NIST, ISO 27001, and CIS

The methodology behind the compliance documentation in this portfolio — how to map a single technical control to multiple frameworks without double-counting or overstating coverage.

~12 min read
IAM Coming soon

SHA-256 Tamper Evidence for Audit Logs — Why and How

Implementing non-repudiation for rotation logs using Python's hashlib. What it proves, what it doesn't, and how auditors will interpret it under PCI DSS AU-9.

~6 min read
More posts coming as projects ship

From Real Estate Broker to Identity Engineer

The non-linear career path, the transferable skills nobody talks about, and why compliance expertise from high-stakes asset management maps directly to GRC engineering.