LOG_ID: 001 // SOAR_IMPLEMENTATION FEATURED_EVIDENCE

Automated Threat Remediation

Microsoft Sentinel | Azure Logic Apps | Python | KQL | MITRE ATT&CK
>> THE_PROBLEM

Manual incident response for standard malware alerts averaged 4 hours from alert to containment, leaving the network exposed to lateral movement for that entire window. Security analysts were also overwhelmed by false positives.

>> THE_ARCHITECTURE

Architected a SOAR (Security Orchestration, Automation, and Response) workflow using Microsoft Sentinel.

1. Ingestion: Syslog and API connectors aggregate logs from firewalls and endpoints.
2. Detection: Custom KQL analytics rules identify anomalous behaviour patterns, each mapped to a MITRE ATT&CK technique.
3. Response: An Azure Logic Apps playbook, triggered by the Sentinel incident, isolates the compromised VM via Azure CLI, blocking all outbound traffic immediately so the host cannot be used for lateral movement.
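
The detect-then-isolate flow above, as an added stand-alone Python model (not the page's KQL, Sentinel content or Logic App). The detection heuristic stands in for the custom KQL: one internal source fanning out to many distinct peers on SMB, RDP or WinRM inside a five-minute window, tagged with ATT&CK T1021. The response step builds the Azure CLI commands a playbook would run to quarantine the VM's NIC behind a deny-all network security group. The log format, host and NIC names, resource group and all sample records are constructed for the example.

```python
# Added example (not the page's Sentinel content, KQL or Logic App): a stand-alone
# Python model of the detect-then-isolate flow. Log format, host and NIC names
# and the resource group are constructed placeholders.
from __future__ import annotations

import subprocess
from collections import defaultdict
from dataclasses import dataclass
from datetime import datetime, timedelta

LATERAL_PORTS = {445, 3389, 5985, 5986}  # SMB, RDP, WinRM: ATT&CK T1021 Remote Services
WINDOW = timedelta(minutes=5)
PEER_THRESHOLD = 5                       # distinct internal peers inside WINDOW

@dataclass(frozen=True)
class Flow:
    ts: datetime
    src: str
    dst: str
    dport: int
    host: str  # VM name the ingestion layer resolved from the source IP

@dataclass(frozen=True)
class Detection:
    host: str
    src: str
    peers: int
    technique: str = "T1021"  # MITRE ATT&CK mapping carried into the incident

def parse_syslog(lines: list[str]) -> list[Flow]:
    """Parse constructed 'ISO-timestamp src dst dport host' firewall records."""
    flows = []
    for line in lines:
        ts, src, dst, dport, host = line.split()
        flows.append(Flow(datetime.fromisoformat(ts), src, dst, int(dport), host))
    return flows

def detect_lateral_movement(flows: list[Flow]) -> list[Detection]:
    """Stand-in for the custom KQL: one source fanning out to PEER_THRESHOLD or more
    distinct peers on lateral-movement ports inside a sliding WINDOW; fires once per source."""
    by_src: dict[str, list[Flow]] = defaultdict(list)
    for f in sorted(flows, key=lambda f: f.ts):
        if f.dport in LATERAL_PORTS:
            by_src[f.src].append(f)
    hits = []
    for src, events in by_src.items():
        window: list[Flow] = []
        peak = 0
        for ev in events:
            window = [w for w in window if ev.ts - w.ts <= WINDOW] + [ev]
            peak = max(peak, len({w.dst for w in window}))
        if peak >= PEER_THRESHOLD:
            hits.append(Detection(host=events[0].host, src=src, peers=peak))
    return hits

def isolation_commands(resource_group: str, vm: str, nic: str) -> list[list[str]]:
    """Azure CLI argv lists that quarantine the VM's NIC behind a deny-all NSG.
    Priority 100 beats every default rule (65000 and up), and a NIC-level NSG is
    evaluated alongside any subnet NSG, so the deny holds whatever the subnet allows.
    Inbound is denied as well as outbound; a real playbook first adds a higher-priority
    allow from a forensic jump host so responders can still reach the VM."""
    nsg = f"nsg-quarantine-{vm}"
    rule = ["--resource-group", resource_group, "--nsg-name", nsg, "--access", "Deny",
            "--protocol", "*", "--source-address-prefixes", "*", "--source-port-ranges", "*",
            "--destination-address-prefixes", "*", "--destination-port-ranges", "*"]
    return [
        ["az", "network", "nsg", "create", "--resource-group", resource_group, "--name", nsg],
        ["az", "network", "nsg", "rule", "create", "--name", "deny-all-outbound",
         "--priority", "100", "--direction", "Outbound", *rule],
        ["az", "network", "nsg", "rule", "create", "--name", "deny-all-inbound",
         "--priority", "100", "--direction", "Inbound", *rule],
        ["az", "network", "nic", "update", "--resource-group", resource_group,
         "--name", nic, "--network-security-group", nsg],
    ]

def respond(hits, resource_group, nic_of, dry_run=True):
    """Plan per detected host; with dry_run=False run it (needs an authenticated az)."""
    plan = {d.host: isolation_commands(resource_group, d.host, nic_of[d.host]) for d in hits}
    if not dry_run:
        for cmd in [c for cmds in plan.values() for c in cmds]:
            subprocess.run(cmd, check=True)
    return plan

SAMPLE_SYSLOG = [  # constructed records, not real telemetry
    # vm-ws-014 fans out over SMB/RDP/WinRM to six hosts in under two minutes
    "2024-03-01T09:00:00 10.10.1.14 10.10.1.20 445 vm-ws-014",
    "2024-03-01T09:00:20 10.10.1.14 10.10.1.21 445 vm-ws-014",
    "2024-03-01T09:00:40 10.10.1.14 10.10.1.22 3389 vm-ws-014",
    "2024-03-01T09:01:00 10.10.1.14 10.10.1.23 445 vm-ws-014",
    "2024-03-01T09:01:20 10.10.1.14 10.10.1.24 5985 vm-ws-014",
    "2024-03-01T09:01:40 10.10.1.14 10.10.1.25 445 vm-ws-014",
    # one workstation hitting the same file share repeatedly: a single peer, benign
    "2024-03-01T09:00:05 10.10.1.30 10.10.1.5 445 vm-ws-030",
    "2024-03-01T09:00:35 10.10.1.30 10.10.1.5 445 vm-ws-030",
    # many HTTPS destinations: not a lateral-movement port, ignored
    "2024-03-01T09:00:10 10.10.1.40 52.0.0.1 443 vm-ws-040",
    "2024-03-01T09:00:11 10.10.1.40 52.0.0.2 443 vm-ws-040",
]
```

Run it with `respond(detect_lateral_movement(parse_syslog(SAMPLE_SYSLOG)), "rg-prod", {"vm-ws-014": "vm-ws-014-nic"})` to see the plan; only `vm-ws-014` is flagged, and the same six peers spread ten minutes apart never share a window, so they do not fire. The plan is returned as argv lists rather than one shell string so nothing from the log ever reaches a shell.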

>> IMPACT_METRICS (VISA EVIDENCE)
  • ✓ Reduced MTTR (alert to containment) from 4 hours to 30 seconds.
  • ✓ Eliminated 95% of Tier-1 analyst triage time.

LOG_ID: 002 // IDENTITY_GOVERNANCE

Identity as the Perimeter

>> ACTION_TAKEN

Replaced permanent (standing) admin role assignments with Entra ID Privileged Identity Management (PIM) just-in-time activation. Enforced phishing-resistant MFA (FIDO2) and device compliance for the admin tier through Conditional Access.
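
Two checks that go with this change, as an added Python example (not the page's PowerShell): an audit that lists any active role assignment that is still permanent, which after a PIM migration should contain only documented break-glass accounts, and the Conditional Access policy body that requires the built-in phishing-resistant authentication strength plus a compliant device for the admin tier. The records are shaped like Microsoft Graph roleAssignmentScheduleInstances but are constructed; the group ID, the second role ID and the break-glass principal are placeholders, while the authentication-strength and Global Administrator GUIDs are Microsoft's fixed values.

```python
# Added example (not the page's PowerShell): a zero-standing-privilege audit over
# Graph-shaped role assignment instances, plus the Conditional Access policy body
# that enforces phishing-resistant MFA and device compliance for the admin tier.
# Sample records, the group ID, ROLE_SEC_ADMIN and the break-glass principal are constructed.
from __future__ import annotations

# Built-in Entra authentication strength "Phishing-resistant MFA" (FIDO2, certificate-based,
# Windows Hello for Business); this GUID is fixed across tenants.
PHISHING_RESISTANT_MFA = "00000000-0000-0000-0000-000000000004"
GLOBAL_ADMIN = "62e90394-69f5-4237-9190-012177145e10"  # Global Administrator role template ID
ROLE_SEC_ADMIN = "role-sec-admin-placeholder"           # placeholder for a second role

def standing_privileges(instances: list[dict], allowlist: frozenset[str] = frozenset()) -> list[dict]:
    """Active role instances that are permanent: assignmentType 'Assigned' (not a PIM
    'Activated' JIT window) with no endDateTime. PIM-managed admins should hold only
    eligibility, so after the migration this list should contain nothing beyond the
    documented break-glass exceptions passed in allowlist."""
    return [i for i in instances
            if i["assignmentType"] == "Assigned"
            and i.get("endDateTime") is None
            and i["principalId"] not in allowlist]

def admin_tier_policy(admin_group_id: str, role_ids: list[str], break_glass_ids: list[str]) -> dict:
    """Body for POST /identity/conditionalAccess/policies. Requires the phishing-resistant
    authentication strength AND a compliant device for the admin group and listed roles.
    Created report-only so sign-in logs show the impact before enforcement is switched on;
    break-glass accounts are excluded so a FIDO2 or Intune outage cannot lock the tenant.
    The strength already implies MFA, so it is not paired with the 'mfa' built-in control."""
    return {
        "displayName": "Admin tier: phishing-resistant MFA + compliant device",
        "state": "enabledForReportingButNotEnforced",  # flip to "enabled" after review
        "conditions": {
            "users": {"includeGroups": [admin_group_id], "includeRoles": role_ids,
                      "excludeUsers": break_glass_ids},
            "applications": {"includeApplications": ["All"]},
            "clientAppTypes": ["all"],
        },
        "grantControls": {
            "operator": "AND",
            "builtInControls": ["compliantDevice"],
            "authenticationStrength": {"id": PHISHING_RESISTANT_MFA},
        },
    }

SAMPLE_INSTANCES = [  # constructed, shaped like roleManagement/directory/roleAssignmentScheduleInstances
    {"principalId": "u-alice", "roleDefinitionId": GLOBAL_ADMIN, "assignmentType": "Assigned",
     "endDateTime": None, "memberType": "Direct"},                    # standing privilege
    {"principalId": "u-bob", "roleDefinitionId": GLOBAL_ADMIN, "assignmentType": "Activated",
     "endDateTime": "2024-03-01T12:00:00Z", "memberType": "Direct"},  # PIM JIT activation
    {"principalId": "u-carol", "roleDefinitionId": ROLE_SEC_ADMIN, "assignmentType": "Assigned",
     "endDateTime": "2024-04-01T00:00:00Z", "memberType": "Direct"},  # time-bound, expires
    {"principalId": "u-breakglass", "roleDefinitionId": GLOBAL_ADMIN, "assignmentType": "Assigned",
     "endDateTime": None, "memberType": "Direct"},                    # documented exception
]
```

Against the sample data, `standing_privileges(SAMPLE_INSTANCES, frozenset({"u-breakglass"}))` reports only `u-alice`; Bob's activation and Carol's expiring assignment are fine as-is. In a live tenant the same function runs over the paged Graph response, and the audit belongs in a scheduled job so a later direct assignment is caught rather than assumed away.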

>> RESULT

Achieved zero standing privileges across the admin tier and 100% compliance with the ISO 27001 access-control requirements.

Entra ID (Azure AD) | PIM / JIT | Conditional Access | PowerShell

LOG_ID: 003 // HYBRID_NETWORKING

Resilient Hybrid Mesh

>> ACTION_TAKEN

Migrated legacy MPLS circuits to Azure Virtual WAN, with active-active VPN gateways and BGP for dynamic route propagation between branch sites and the hub.
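
The pre-flight checks an engineer would run on each branch before cutting it over, as an added Python example (not the page's Terraform or ISR configuration): the on-premises ASN must avoid the values Azure reserves (the hub itself peers as 65515), custom BGP peering addresses must fall in the APIPA ranges Azure VPN gateways accept, and in an active-active design every branch prefix should be learned on both gateway instances, otherwise a single tunnel failure black-holes that site. The route records are constructed in a simplified shape, not real effective-route output.

```python
# Added example (not the page's Terraform): pre-flight checks for a Virtual WAN VPN site
# using BGP over active-active tunnels. Route records are constructed in the shape
# {"prefix", "instance"} as if summarised from the hub's learned routes.
from __future__ import annotations

import ipaddress
from collections import defaultdict

VIRTUAL_HUB_ASN = 65515  # ASN of the Virtual WAN hub VPN gateway, fixed by Azure
# ASNs Azure reserves; a site configured with one of these will not establish BGP
AZURE_RESERVED_ASNS = {8074, 8075, 12076, 65515, 65517, 65518, 65519, 65520}
# Custom BGP peering (APIPA) addresses on Azure VPN gateways must come from these ranges
APIPA_BGP_RANGES = [ipaddress.ip_network("169.254.21.0/24"),
                    ipaddress.ip_network("169.254.22.0/24")]

def validate_site_asn(asn: int) -> list[str]:
    """Problems with the on-premises ASN configured on the ISR / VPN site link."""
    problems = []
    if not 1 <= asn <= 4_294_967_295:
        problems.append(f"ASN {asn} is outside the valid 32-bit range")
    if asn in AZURE_RESERVED_ASNS:
        problems.append(f"ASN {asn} is reserved by Azure (the hub peers as {VIRTUAL_HUB_ASN})")
    return problems

def validate_apipa_peer(ip: str) -> bool:
    """True if a custom BGP peering address is in a range Azure accepts."""
    addr = ipaddress.ip_address(ip)
    return any(addr in net for net in APIPA_BGP_RANGES)

def redundancy_report(routes: list[dict]) -> dict[str, list[str]]:
    """Prefixes learned over fewer than two gateway instances. With active-active
    tunnels every branch prefix should arrive on both instances; a single-path prefix
    means one tunnel or one BGP session is down and failover would black-hole the site."""
    seen: dict[str, set[str]] = defaultdict(set)
    for r in routes:
        seen[r["prefix"]].add(r["instance"])
    return {p: sorted(i) for p, i in sorted(seen.items()) if len(i) < 2}

SAMPLE_ROUTES = [  # constructed: routes the hub learned from branch BGP sessions
    {"prefix": "10.50.0.0/16", "instance": "Instance0"},
    {"prefix": "10.50.0.0/16", "instance": "Instance1"},
    {"prefix": "10.51.0.0/16", "instance": "Instance0"},  # second tunnel not advertising
]
```

On the sample data `redundancy_report(SAMPLE_ROUTES)` flags `10.51.0.0/16` as reachable through `Instance0` only, which is exactly the state a branch is in when one tunnel on the ISR is down while the site still appears "up".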

>> RESULT

Ensured 99.99% uptime for branch offices and enabled dynamic scaling for new site deployments.

Azure Virtual WAN | BGP Routing | Cisco ISR | Terraform