bromiley/README.md

Matt Bromiley

SecOps R&D @ Prophet Security | SANS Certified Instructor | Digital Forensics & IR Expert

👋 About Me

I am a cybersecurity professional specializing in Security Operations (SecOps) and Incident Response and Management, with a rich background in digital forensics, threat hunting, and detection engineering. I am currently working on SecOps R&D at Prophet Security, teaching Incident Management at SANS, and delivering talks and workshops at conferences around the globe.

🔗 Connect With Me

LinkedIn BlueSky SANS

🔬 Research Focus

  • AI in Security: Exploring the intersection of artificial intelligence with SecOps/Incident Response/Digital Forensics.
  • Incident Management: How to effectively handle, coordinate, and manage enterprise-level incidents.
  • Incident Response: Advanced host- and network-based digital forensics.
  • Threat Detection: Innovative approaches to threat hunting and detection engineering.
  • Security Operations: Developing cutting-edge methodologies and best practices for SecOps workflows.

🚀 Projects

  • Critical AI Security Guidelines
    • SANS Community Project
    • Repository: GitHub
    • Focus:
      • Secure AI deployments with a multi-layered security approach
      • Protection against model poisoning, prompt injection, and adversarial attacks
      • Governance frameworks that adapt to AI advancements
      • Balancing security and scalability in AI model hosting

🎓 Teaching & Education

Current Course(s)

Upcoming LDR553 Teaches

Past Classes

🎀 Upcoming Conferences & Events

TBD

✍️ Publications & Research

Upcoming Publications

  • Pay to Play: Surviving and Winning Ransomware Negotiations in 2025
    • SANS@Night Presentation
    • Date: December 16, 2025, 7:15-8:15 PM EST
    • Focus:
      • Real-world ransomware negotiation strategies and decision-making frameworks
      • Analysis of 2024 ransom payment trends (25% payment rate, 46% recovery rate)
      • Case study: Coinbase $20M ransom demand flipped into $20M bounty for attacker arrests
      • Technical protocols for verifying attacker claims and maintaining leverage
      • Professionalized RaaS platforms and triple extortion tactics

Previous Publications

  • Full Packet Capture as a Strategic and Regulatory Imperative

    • SANS Webcast
    • Date: November 13, 2025, 1:00-2:00 PM EST
    • Focus:
      • Regulatory mandates driving FPC requirements (OMB M-21-31, NIS2, DORA, GDPR, HIPAA, PCI-DSS)
      • Strategic implementation of Full Packet Capture for compliance and Zero Trust initiatives
      • Technical capabilities for forensic analysis and real-time visibility
      • Building the business case for FPC implementation at scale
  • Autonomous Endpoint Management: Next-Gen Endpoint Visibility Fueling SecOps and IT Ops with AI

    • SANS Webcast
    • Date: November 12, 2025, 3:30-4:00 PM EST
    • Focus:
      • Tanium Autonomous Endpoint Management (AEM) platform overview
      • AI-driven intelligence for unified IT and Security operations
      • Real-time endpoint visibility and automated compliance management
      • Accelerated incident response with guided remediation and workflow orchestration
      • Single-agent architecture benefits and measurable ROI
  • FIRST Regional Symposium Latin America & Caribbean 2025

    • FIRST (Forum of Incident Response and Security Teams)
    • Date: October 8, 2025
    • Location: Latin America & Caribbean
    • Focus:
      • AI-Powered Incident Response strategies and practical implementations
      • Practical security monitoring and threat detection with AI
      • Cyber resilience coordination, collaboration, and communication frameworks
  • Balancing On-Prem and Cloud Security: Strategic Considerations for Modern Organizations

    • SANS Webcast
    • Date: September 16, 2025, 1:00-2:00 PM EDT
    • Focus: Cloud vs. hybrid security models, platformization trends, modern enterprise security architecture
  • Navigating the Challenges of Securing Hybrid Environments

    • SANS Webcast
    • Date: July 29, 2025
    • Focus:
      • Hybrid environment security blind spots and challenges
      • Consistent policy enforcement across cloud and on-prem
      • Real-world Zero Trust strategies
      • AI-powered hybrid visibility and detection
      • High-risk endpoint protection and lateral attack prevention
  • Dev-to-Prod Mobile Security with Zimperium

    • SANS Webcast
    • Date: September 10, 2024
    • Focus:
      • Mobile application security from development to production
      • Enterprise mobile security platform capabilities
      • Comprehensive mobile security tools and modules
      • Safeguarding sensitive data on mobile devices
  • Human-Powered Security with HackerOne

    • SANS Webcast
    • Date: August 21, 2024
    • Focus:
      • Community-driven bug bounty programs
      • Financial services, retail/e-commerce, and online services security
      • Return on Mitigation (ROM) metrics
      • Offensive security strategy enhancement
  • Secure Your Multi-Cloud Environment from Code to Cloud with Microsoft Defender for Cloud

    • SANS Webcast
    • Date: June 26, 2024
    • Focus:
      • Multi-cloud security posture management
      • Code-to-cloud vulnerability identification
      • Attack path analysis and risk prioritization
      • Large-scale remediation strategies

📊 GitHub Activity

GitHub Stats


💡 Last Updated: 2025-08-17 20:15:00 UTC

Popular repositories

  1. olaf (Public)

    Office365 Log Analysis Framework

    PowerShell, 81 stars, 14 forks

  2. tools (Public)

    Various tools and scripts

    Python, 43 stars, 10 forks

  3. pollen (Public)

    pollen - A command-line tool for interacting with TheHive

    Python, 36 stars, 3 forks

  4. wiki (Public)

    Forked from forensicswiki/wiki

    Forensics Wiki, a wiki devoted to information about digital forensics (also known as computer forensics)

  5. lc-detections (Public)

    A collection of LimaCharlie detections, curated from MITRE ATT&CK TTPs, CVEs, and other research.

  6. lc-detectionforge (Public)

    Forked from Digital-Defense-Institute/lc-detectionforge

    A specialized environment for crafting, validating, and testing LimaCharlie detection rules

    Vue