Hardening a Grafana Monitoring Stack: 6 Phases, 15 Fixes, and the Gotchas Nobody Warns You About

The views and opinions expressed on this site are my own and do not reflect the views of my employer. This content is based entirely on publicly available documentation for open-source tools and does not contain proprietary information from any current or former employer. ⚠️ Controlled Lab Environment — Educational Use Only All configurations and commands in this post were developed and tested in an isolated personal homelab environment. Adapt all settings to your own environment’s requirements before implementation. Always test in non-production environments first. ...

February 15, 2026 · 49 min · Oob Skulden™

15 Vulnerabilities in a Grafana Monitoring Stack (And How We Found Them)

The views and opinions expressed on this site are my own and do not reflect the views of my employer. This content is based entirely on publicly available documentation for open-source tools and does not contain proprietary information from any current or former employer. ⚠️ Controlled Lab Environment — Not for Production Use All techniques demonstrated in this post were performed in an isolated personal homelab environment. Do not replicate these techniques against systems you do not own or have explicit authorization to test. The configurations shown are deliberately insecure for educational purposes. Always test in non-production environments. ...

February 15, 2026 · 35 min · Oob Skulden™

Authentik + Grafana: OAuth SSO Across VLANs and the 11 Things That Broke

The views and opinions expressed on this site are my own and do not reflect the views of my employer. This content is based entirely on publicly available documentation for open-source tools and does not contain proprietary information from any current or former employer. Intentionally Insecure Lab Environment This deployment is deliberately configured without TLS, reverse proxies, or secrets management. It exists to expose and document the full attack surface of a vanilla monitoring stack so that hardening decisions in later phases are informed, not assumed. ...

February 14, 2026 · 25 min · Oob Skulden�