Open-Source Software

💡 Substation

Purpose: Route, normalize, and enrich security event and audit logs.
Role: Creator and lead developer since early 2021.

📂 Strelka

Purpose: Static file analysis for enterprise security teams.
Role: Creator and lead developer from early 2017 to late 2019.

🌐 Zeek

Purpose: Network security monitoring (NSM NDR), analysis, and scripting.
Role: Contributed the Remote Desktop Protocol (RDP) analyzer in early 2015.

Security Guides

✏️ Detection Engineering Pocket Guide

🔍 Threat Hunting Pocket Guide