Cybersecurity Analyst | CYSA+ | Security+ Certified | Splunk Core Certified Power User | ISC2 CC | Google Certified | @ Log(N) Pacific
- Cybersecurity analyst with hands-on expertise in threat hunting, SIEM detections, KQL scripting, and automated vulnerability remediation
- Knowledge of PowerShell & BASH security hardening tools aligned with STIG & CVE benchmarks
- Proven ability to simulate and detect real-world threats using Microsoft Sentinel and the MITRE ATT&CK framework
- Seeking roles in SOC Operations, Threat Detection, Vulnerability Management, or Blue Team Automation
- Master's in Cybersecurity Candidate @ WGU
- Key Focus Areas:
- Secure Network Design
- Security Operations (SIEM | Incident Response)
- Penetration Testing & Vulnerability Assessment
- Cloud Security
- Risk Management & Security Architecture
- Industry Certifications: PenTest+ | CISM | CISSP (in progress)
- Passionate about architecting secure systems, ethical hacking, and implementing modern defense strategies in real-world scenarios.
- Microsoft Sentinel Engineering: Developed custom detection rule packs for brute-force, C2, and persistence tactics
- Vulnerability Management Lead (Lab Sim): Created a structured remediation workflow using PowerShell
- Threat Hunting: Investigated anomalies in Tor browser traffic, RDP brute force attempts, and internal abuse cases
- Incident Response Playbooks: Authored step-by-step guides to reduce analyst guesswork and accelerate triage
- Vulnerability Management Program (Full Cycle)
- Targeted Vulnerability Assessment for E-commerce Operations
- SOC_and_Honeypot_in_Azure_Live_Traffic
- Threat Hunt: Tor Browser Scenario
- Brute Force Threat Detection (Sentinel)
- Threat_Hunting_Incident_Data_Exfiltration_Employee_Simulation
- Sentinel Rule Packs (MITRE Mapped)
CTF: The Great Admin Heist
Participated in a real-world scenario-based Capture The Flag (CTF) focused on privilege escalation, enumeration, and log analysis.
Demonstrated strong analytical skills by identifying initial access vectors, misconfigured admin settings, and exploiting hidden credentials. Tools used: Browser-based reconnaissance, log forensics, Azure Sentinel, KQL Queries.
Outcome: Successfully captured all flags and documented each step with detailed reasoning and remediation suggestions.
Threat Hunt: Operation Deep Access
Conducted a structured threat hunt simulating advanced persistent threats (APT) using Microsoft Defender for Endpoint and Sentinel. Identified stealthy attacker behaviors including PowerShell-based persistence, WMI event triggers, credential dumping, lateral movement, and C2 communication.
Tools used: Microsoft Sentinel, Defender for Endpoint (MDE), KQL Queries, Event Log Analysis, Azure VM.
Outcome: Mapped attacker activity to MITRE ATT&CK framework, generated forensic timeline, and proposed a detailed incident response plan with containment, eradication, and hardening strategies. Delivered a complete GitHub markdown report with TTP analysis and recommendations.
| Area | Tools / Skills Used | Key Outcome |
|---|---|---|
| Vulnerability Remediation | PowerShell, BASH, STIG, CVE, Compliance | Hardened OS + Automated Patch Scripts |
| Threat Detection | Microsoft Sentinel, KQL, MDE | Detected Brute Force, RDP, C2 Scenarios |
| Security Automation | YAML Rules, Playbooks, Incident Mapping | Enabled Low-Latency SOC Responses |
| Blue Team Engineering | MITRE ATT&CK, KQL Dashboards | Built Resilient Analyst View Layers |
- CompTIA CYSA+
- CompTIA Security+
- ISC2 CC
- Google Cybersecurity Professional Certificate
- Splunk Certified Core Power User
- SIEM Tuning, Blue Team Automation, IR Playbooks
- Regular lab practice in offensive/defensive strategy simulation
- SOC Playbooks Library with Real Case Studies
- Email Security Simulation Project
- Simulated_USB_Data_Exfiltration_Insider_Threat
- Splunk Setup and Device Log Ingestion - Building a Dashboard
- Patch Automation via PowerShell (Labs)
- Advanced STIG Compliance Scripts
- Incident Response For Everyone
- PASTA Threat Model Worksheet
- NIST Frameworks for SOC Analysts
- OWASP-TOP_10_2025- UnOfficial Yet
- Full Cybersecurity Incident After Action Reports (AARs)
- SOC Simulations - Try Hack Me
- Python Scripts for Threat Detection Scenarios
- Splunk Notes
- CCNA Notes
- CCNA Practice Sets
- Email: vbdevhex0@gmail.com
- LinkedIn: vbd91
- GitHub: Bharathkasyap
Why does the blue team always bring snacks to SIEM meetings? Because with all those logs, someone's gotta serve the cookies, and analyze who stole them.
© 2025 Venkata Devulapalli - Cybersecurity in Action.