Projects
Selected professional and personal projects.

SOAR Reputation Playbooks (URL & IP)
A unified set of Splunk SOAR playbooks that automate URL and IP reputation investigations using layered enrichment, internal telemetry, and analyst-readable case notes.

MacOS Unified Logging: Sysmon-Style Security Telemetry to Splunk
Collecting macOS security telemetry from the Apple unified logging system using logd predicates and Splunk Universal Forwarder, with private data enabled via MDM configuration profiles.