Connor Panso

Questions or suggestions? Send a note to cpanso at outlook dot com.

Automated Threat Detection and Response Lab : This project focuses on setting up automated threat detection and response mechanisms using LimaCharlie EDR and YARA signatures within a virtualized environment. By configuring rules to detect and block malicious activities, such as ransomware attempts to delete volume shadow copies, this lab showcases how automated systems can enhance cybersecurity defenses. The implementation includes deploying YARA rules for malware detection, leveraging Sliver C2 payloads for testing, and refining detection and response strategies to improve accuracy and minimize false positives.

Elastic SIEM Lab : This lab involved setting up a home environment to explore Security Information and Event Management (SIEM) using the Elastic Stack with a Kali Linux virtual machine (VM). The setup included configuring an Elastic Agent on Kali to forward security events to the Elastic SIEM, generating various security events using tools like Nmap, and analyzing the events through dashboards and alerts to gain hands-on experience in security monitoring and incident response.

Microsoft Sentinel SOC Lab : I created a Security Operations Center (SOC) using Microsoft Sentinel. The setup involved deploying virtual machines, configuring log analytics workspaces, and connecting them to Azure Sentinel for real-time security monitoring. By generating and detecting security incidents, this lab provided valuable insights into using cloud-native SIEM solutions for threat detection and response.

BOI (BroadcastOps Interface) : A web-based dashboard for efficient management of broadcasting equipment and live feeds within a television station. Utilizes HTML, CSS, PHP, JavaScript, and AJAX to offer real-time updates and video feed access, enhancing the ability to monitor and respond to broadcast operations. Supports high-quality service delivery by streamlining workflow and improving response times to technical issues.

Landing Page for Operators : I developed a dedicated landing page for master control operators, designed to streamline access to essential login details and links for daily operations. This page improves the efficiency of operators by organizing critical information in a user-friendly format, ensuring quick and easy access to the tools and resources they need.