Project Directory
Public CVE Risk Intelligence Dashboard
Automates vulnerability intelligence collection and enrichment using Python and Streamlit. Integrates NVD, CISA KEV, and EPSS data to prioritize enterprise remediation workflows based on real-world risk metrics.
Security Automation
Risk Scoring
DevSecOps Security Pipeline
Overview: Integrates automated security controls into a CI/CD workflow using GitHub Actions. Performs continuous security testing by scanning application code, repositories, dependencies, container images, and IaC before deployment to reduce risk and identify vulnerabilities early.
Key Features:
• Automated security testing in CI/CD pipelines
• Source code analysis with Semgrep
• Secret scanning using Gitleaks
• Container & dependency vulnerability scanning with Trivy
• Infrastructure as Code (IaC) security via Checkov
GitHub Actions, Python (Flask), Docker, Terraform, Semgrep, Gitleaks, Trivy, Checkov
Why This Matters: demonstrates early remediation, reduced deployment risk, and secure-by-design delivery through automated security engineering.
DevSecOps
Pipeline Sec
Cloud Security Posture Management & Governance
Overview: An automated AWS security assessment tool that evaluates cloud configurations against security best practices across IAM, S3, EC2, and CloudTrail to identify misconfigurations and generate actionable remediation reports.
Key Features:
• Automated IAM, MFA, and least-privilege control validation
• Detection of S3 exposure and encryption issues
• Security group and CloudTrail logging review
• Risk scoring with prioritized remediation guidance
• Executive reports in CSV and Markdown formats
Python, Boto3, AWS CLI, S3, EC2, CloudTrail, IAM Security, Automation
Why This Matters: demonstrates automation of cloud security assessments to identify high-risk misconfigurations through repeatable, risk-based remediation guidance.
CSPM Tool
AWS Governance
Detection Engineering Lab
Overview: Demonstrates a structured approach to developing and validating endpoint detections using Windows Sysmon telemetry and safe attack simulations. The project generates realistic attacker behaviors, captures endpoint events, and maps detections to the MITRE ATT&CK framework.
Key Features:
• Simulated attacker techniques using safe test scenarios
• Validation of endpoint detections using Sysmon telemetry
• MITRE ATT&CK mapping for each detection use case
• Coverage for PowerShell abuse, persistence, and network activity
• Evidence-based reporting with documented validation steps
Sysmon, Windows Event Logs, Wazuh, MITRE ATT&CK, PowerShell, GitHub
Why This Matters: demonstrates a repeatable workflow for developing and testing endpoint detections against realistic activity to support incident response.
Detection Engineering
MITRE ATT&CK
Additional Projects
Security Alert Triage Automation: Demonstrates how security alerts can be automatically prioritized based on severity, risk, and contextual information to reduce analyst workload. The solution streamlines incident triage by categorizing alerts, assigning priorities, and supporting faster, more consistent security operations.
Security Baseline Compliance Scanner: Automates the validation of system configurations against established security baselines and hardening standards. The project identifies configuration drift, highlights compliance gaps, and generates actionable reports to support continuous security monitoring and remediation.
Threat Modeling Security Assessment: Applies structured threat modeling techniques to identify potential security risks during the design phase of an application or system. Using industry best practices, it evaluates attack surfaces, documents threats, and recommends security controls to reduce risk before deployment.
Security Engineering Home Lab: Provides a realistic enterprise environment for developing and validating security technologies, attack simulations, and defensive controls. It serves as the foundation for hands-on learning across identity management, network security, cloud security, detection engineering, vulnerability management, and security automation.
AI Agent Memory Security Lab: Explores security considerations unique to AI-powered applications, including memory handling, prompt injection, data isolation, and information disclosure risks. The project demonstrates secure design concepts and evaluates defensive techniques for protecting AI agents and user interactions.
IT Ticketing System: A full-stack web application designed to manage incident tracking, service requests, and workflow automation. While focused on IT operations, the project demonstrates software development fundamentals, authentication, database integration, and application architecture that support secure enterprise environments.
Vulnerability Risk Assessment Dashboard: Provides an interactive view of security findings by combining vulnerability data with business context and risk metrics. The project demonstrates how security teams can prioritize remediation efforts through data visualization, risk scoring, and executive reporting.