Hi, I'm Jonathan DeLeon, CCSP®
I'm a Information Security Analyst
I protect information, cloud systems and fight evil!
- Combining SOAR and EDR Solution for Automation
- [In this project, I implemented a detection mechanism using Lima Charlie to identify a specific hack tool. When the system detects this tool, it triggers actions via Tines, sending notifications to Slack and email. These notifications include crucial details such as timestamp, computer name, source IP, process details, command line invocation, file paths, sensor ID, and optionally, a link to detailed detection information. Additionally, Tines prompts the user with an option to isolate the affected machine. If isolation is confirmed, Lima Charlie automates the isolation process and notifies Slack with a confirmation message. If isolation is declined, a message is sent advising further investigation.]
- Utilize Custom Analytics with Query in Microsoft Sentinel to monitor for malicious login activities
- [In this project, the aim is to strengthen security measures by effectively consolidating and analyzing log data. By setting up a robust environment using Microsoft Azure and Microsoft Sentinel, logs from Windows Events will be systematically ingested into the SIEM. A custom analytics query will be formulated to identify and monitor potential Brute Force Login attempts, enhancing the detection and response to possible security threats.]
React
Typescript
Django
Laravel
Facebook
Microsoft
Google
Alibaba
D3
Tencent