Projects
Selected professional and personal projects.

Defining Secure Automation: A Detection - SOAR Contract
A vendor-neutral contract that governs how security detections are allowed to trigger automated response, with clear safety boundaries, human approval points, and auditability.

SOAR Reputation Playbooks (URL & IP)
A unified set of Splunk SOAR playbooks that automate URL and IP reputation investigations using layered enrichment, internal telemetry, and analyst-readable case notes.

macOS Unified Logging: Sysmon-Style Security Telemetry to Splunk
Collecting macOS security telemetry from the Apple unified logging system using logd predicates and Splunk Universal Forwarder, with private data enabled via MDM configuration profiles.