services
Cybersecurity
With over 15 years in practicing Cybersecurity, I am always ready for advisory, implementation, workshops and speaking opportunities. I cover a wide range of subjects including E-Commerce Fraud, SIEM, SOAR, Endpoints, DDOS, Honeypots, Phishing, Threat intelligence, dark web and APT development. You can request data feed from my Honeypot network and Early warning system. I have also provided emergency assistance for major Cyberattacks when requested.
Cloud Architect
Experience with On-prem computing was instrumental in my maximizing value with Cloud Computing since my start in 2009. As an early adopter and pioneer of IoT and DevOps, customers and colleagues have valued my insight. I continue to find pathways to further the use of consumption driven economy and scale. Get in touch if you are looking for guidance on best practices, low friction and real world Cloud implementation strategy.
Fintech and AI
CMFAS certified Financial Advisor in various products and Engineer by profession allowed me to take my interest further. I am also Certified by Udacity in 'AI For Trading'. I have continued my journey with Value Investing, Quantitative Finance and Analysis. My focus is in Capital Markets and more recently towards derivatives. Currently, I use Deep Learning for parts of the portfolio management traditionally attributed to Equity Analysts or Quantitative Finance
experience
Senior Systems Engineer / Security Specialist
Splunk Inc
May 2018 to Feb 2020
Pre-Sales for Phantom SOAR
Pre-Sales for SIEM, UBA, AI/ML and Splunk Fraud
Speaker at numerous Cybersecurity events across the region
Author of Phantom Audit and Phantom Cloudflare apps
Build pipeline and new markets
Evangelize process and value based sales process
Splunk conf2019 co-presenter and speaker.
featured projects
Threat Intelligence
A real time threat intelligence feed that uses on-going attacks to provide IOCs. In the world of Automated SOC with SOAR/XOAR platforms, threat intelligence can provide pro-active prevention of threats provided they are real time. Many threat intelligence today use stale data sources or similar duplicate sources and add to the noise for SOC alerts. Not to mention these create losses to business due to high level of False Positives. Wicked is able to correct this by using 10 years of aggregated intelligence and statistical analysis combined with live traffic to generate IOCs in real time.
Deep Learning Portfolio
After 12 years of researching on the subject of capital markets, I tested theories of value investing and technical analysis. Manual trades confirmed a benchmark beating return YoY with extremely low Sharpe Ratio (1.0 in 2020). However the process is currently tedious in investment world and is performed manually by Analysts. This is prone to errors due to our inability to process large amounts of information in a repeatable fashion. After completing my Udacity degree in AI for Trading I have been able to put together a system that efficiently analyses capital markets and recognizes opportunities across multiple markets in a range of investment styles. There is still much work to be done but existing positive returns justify investment. I have completed private seed investment and open to external funding with partnerships for next stage to grow the operation.
Secure Application Access and Acceleration
This was a POC project built around 2014 which allows Secure Web access for devices to protect employees from Web attacks and phishing scams. This is also used as secure proxy to access internal application hosted in the Cloud or On-Prem. Unlike other solutions which use their own network, this solution allows you to use your existing Security tools and Cloud resources to deploy and manage all resources. Other perimeter security can still be used as a complimentary solution. The solution integrates with existing XOAR and SIEM tools as well as OSINT out of the box. In addition, I have added support for DNS over Http recently. Within Enterprise environment this also works as AMP which came about much later and is only provided by Google. However any organization can have the same using this S3A which will provide bandwidth and infrastructure savings, additional security and faster application access. Get in touch if your organization would like to invest in this solution for cost-effective Security and access for remote working employees. This project is looking for funding.
latest articles
Ethereum merge and miners shifting hashing power to new projects
With the ETH 2.0 merge coming where are miners going? Here's the take from various mining discussion channels.
Qubes OS a reasonably secure operating system
This is the best OS for SecOps today. Worth setting up on Physical machine.
Hyper-V vs WSL2 vs VirtualBox vs VMWare
With all the VM technologies available today especially with Windows 10 and Hyper-V, is it worth switching for work? Let's find out.