Security
Enterprise Compromise Assessment (with Mandiant)
Enterprise-scale forensic artifact collection and triage across 9,000+ banking endpoints, conducted alongside Mandiant.
Overview
As part of a bank-wide compromise assessment, I worked alongside Mandiant consultants to deploy forensic artifact collection agents across more than 9,000 devices — spanning servers, workstations, ATMs, and CRM systems. The engagement focused on identifying indicators of compromise, validating the integrity of critical infrastructure, and feeding findings back into detection rules within Cortex XSIAM.
Highlights
- Coordinated agent deployment across 9,000+ heterogeneous endpoints with minimal operational disruption.
- Triaged forensic artifacts to identify indicators of compromise across servers, ATMs, and CRMs.
- Translated assessment findings into new and tuned detection rules to close coverage gaps.
