My work, in the field.
Threat hunts, detection engineering, incident analysis, and SOC tooling — real work from the trenches of security operations.
Threat Hunt: Detecting Lateral Movement Using Windows Event Logs
A structured threat hunt across a mid-size Windows environment to surface stealthy lateral movement using native event logs — no EDR required.
Threat Hunting, Windows Event Logs, MITRE ATT&CK, SIEM
Phishing Campaign Analysis — Q1 2024
Quarterly analysis of inbound phishing campaigns targeting the organisation — trends, TTPs, infrastructure pivots, and user-impact insights.
Phishing, Threat Intel, IOC Analysis
Building a Detection Rule for Brute Force Attacks in Splunk
Engineered a high-fidelity SPL detection for distributed and password-spray brute force activity, with noise suppression tuned for a hybrid identity environment.
Splunk, Detection Engineering, SPL