~/projects

ARCHIVE

Engineering solutions for operational security problems

LAST UPDATE: 2024.02.16

Detection Engineering Assistant (MCP-Based)

TLP:AMBER

Architected an MCP-based intelligence layer over internal SIEM detections, enriched with public detection libraries, to automate MITRE coverage tracking, identify gaps, and generate production-ready detection logic — integrating directly into our detection-as-code workflow.

Detection Engineering MCP

ML-Based Registration Abuse Detection

TLP:AMBER

ML-based scoring engine identifying bot-driven account registrations via structural pattern analysis. 92% accuracy, deployed for real-time fraud reduction.

Machine Learning Anti Fraud

Syscall-Based Runtime Detection & AI Enrichment

TLP:CLEAR

Falco-based runtime detection stack converting syscall alerts into enriched, investigation-ready insights through AI-assisted analysis.

Terraform Kubernetes Falco Tetragon AI

CI/CD Automation for SIEM Applications

TLP:CLEAR

Built a fully automated CI/CD pipeline for SIEM application delivery. Eliminated manual packaging and testing, and reduced deployment time from hours to minutes.

CI/CD SIEM Engineering Automation