Phishing remains the number one attack vector for credential theft, malware deployment, and corporate breaches.

I was tasked with building a custom security monitoring environment using Splunk for Virtual Space Industries (VSI).

To conduct the forensic investigation, I used Autopsy, Kali Linux & SQLight Browser.

This hands-on experience reinforced my ability to leverage Splunk for real-world security monitoring and incident response.

This penetration test demonstrated my ability to conduct real-world vulnerability assessments and exploit system weaknesses across multiple environments such as Windows and Linux servers as well as web applications.

This post outlines the phases of the assessment, the tools used, and key takeaways. The full penetration test report is available at the end.

By leveraging Azure’s cloud infrastructure, I built a segmented, controlled environment that allows security assessments without unnecessary exposure. This setup mirrors real-world enterprise environments, where security, scalability, and reliability are essential.

In this case study, I investigated an alert triggered on our Security Onion system, indicating a potential malware infection. This blog post walks through my approach to analyzing the incident, understanding the attack methodology, and recommending mitigation strategies.

Security culture is one of the most critical aspects of an organization’s cybersecurity posture. Despite technological advancements in security solutions, the human factor remains the weakest link.