Ash-soc/README.md

Hi, I’m Hope 🛡️

Aspiring SOC Analyst | Threat Detection | Blue Team

I’m building hands-on experience in threat detection, log analysis, and Windows security hardening through practical labs and documented investigations.

My path into cybersecurity hasn’t been linear, and that resilience shows in how I approach security work: calm, methodical, and persistent.

I focus on understanding the why behind alerts, not just closing tickets.

🔧 Core Focus

  • Microsoft Defender for Endpoint (MDE)
  • Microsoft Sentinel (KQL Hunting & Analysis)
  • Windows Event Logs & Sysmon
  • DISA STIG Remediation
  • Structured Incident Documentation

🔎 Featured Projects

🛠️ Windows 11 STIG Remediation Series

Hardening a Windows 11 VM against DISA STIG controls. Includes remediation steps, before/after evidence, and compliance validation.

🧠 Threat Hunt: Suspicious Login Analysis (Microsoft Sentinel)

Investigated abnormal login activity using KQL. Built detection queries and documented investigative reasoning.

🚨 Credential Dump Detection (Sysmon + MDE)

Simulated LSASS dumping behaviour and analysed forensic artifacts. Correlated Event IDs and endpoint telemetry in a SOC-style report.
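The correlation that a credential-dump detection like the one above rests on can be shown in a few lines. The following is an added example, not code from Ash-soc's project: it joins Sysmon Event ID 10 (ProcessAccess) records whose target is lsass.exe with the Event ID 1 (ProcessCreate) record of the accessing process, keeps only accesses whose GrantedAccess mask includes PROCESS_VM_READ (0x0010, the right a dumper needs to copy LSASS memory), and drops sources on a small allowlist. The field names mirror Sysmon's own (SourceProcessGUID, SourceImage, TargetImage, GrantedAccess, ProcessGuid, Image, CommandLine, User); the event records and the allowlist are constructed sample data and an assumption, respectively, and would be tuned to a real environment.

```python
"""Added example: flag suspicious LSASS access by correlating Sysmon Event ID 10
(ProcessAccess) with Event ID 1 (ProcessCreate). Sample events are constructed."""

# Win32 process access rights relevant to memory dumping.
PROCESS_VM_READ = 0x0010
PROCESS_QUERY_INFORMATION = 0x0400
PROCESS_QUERY_LIMITED_INFORMATION = 0x1000

# Assumption: images that legitimately read LSASS on the lab host. Tune per environment;
# an overly broad allowlist is the usual way this detection goes quiet.
KNOWN_LSASS_READERS = {
    r"c:\windows\system32\csrss.exe",
    r"c:\windows\system32\wininit.exe",
    r"c:\program files\windows defender\msmpeng.exe",
}

# Constructed sample Sysmon records (Event ID 1 = process create, Event ID 10 = process access).
SAMPLE_EVENTS = [
    {"EventID": 1, "ProcessGuid": "{A1}", "Image": r"C:\Users\hope\Downloads\procdump64.exe",
     "CommandLine": "procdump64.exe -accepteula -ma lsass.exe lsass.dmp", "User": "LAB\\hope"},
    {"EventID": 10, "SourceProcessGUID": "{A1}", "SourceImage": r"C:\Users\hope\Downloads\procdump64.exe",
     "TargetImage": r"C:\Windows\System32\lsass.exe", "GrantedAccess": "0x1FFFFF"},
    {"EventID": 1, "ProcessGuid": "{B2}", "Image": r"C:\Program Files\Windows Defender\MsMpEng.exe",
     "CommandLine": '"C:\\Program Files\\Windows Defender\\MsMpEng.exe"', "User": "NT AUTHORITY\\SYSTEM"},
    {"EventID": 10, "SourceProcessGUID": "{B2}", "SourceImage": r"C:\Program Files\Windows Defender\MsMpEng.exe",
     "TargetImage": r"C:\Windows\System32\lsass.exe", "GrantedAccess": "0x1410"},
    {"EventID": 1, "ProcessGuid": "{C3}", "Image": r"C:\Windows\System32\notepad.exe",
     "CommandLine": "notepad.exe", "User": "LAB\\hope"},
    # Query-only access (no PROCESS_VM_READ bit): must not be flagged.
    {"EventID": 10, "SourceProcessGUID": "{C3}", "SourceImage": r"C:\Windows\System32\notepad.exe",
     "TargetImage": r"C:\Windows\System32\lsass.exe", "GrantedAccess": "0x1000"},
]


def is_lsass(image: str) -> bool:
    """True if the image path points at lsass.exe (case-insensitive)."""
    return image.lower().endswith(r"\lsass.exe")


def suspicious_lsass_access(ev: dict) -> bool:
    """Event ID 10 against lsass.exe, with a read-memory right, from a non-allowlisted image."""
    if ev.get("EventID") != 10 or not is_lsass(ev["TargetImage"]):
        return False
    mask = int(ev["GrantedAccess"], 16)
    if not mask & PROCESS_VM_READ:
        return False
    return ev["SourceImage"].lower() not in KNOWN_LSASS_READERS


def correlate(events: list) -> list:
    """Join each suspicious access to the creating Event ID 1 for command line and user."""
    creates = {e["ProcessGuid"]: e for e in events if e.get("EventID") == 1}
    findings = []
    for ev in events:
        if not suspicious_lsass_access(ev):
            continue
        origin = creates.get(ev["SourceProcessGUID"], {})
        findings.append({
            "source_image": ev["SourceImage"],
            "granted_access": ev["GrantedAccess"],
            "command_line": origin.get("CommandLine", "<no Event ID 1 seen>"),
            "user": origin.get("User", "<unknown>"),
        })
    return findings


if __name__ == "__main__":
    for f in correlate(SAMPLE_EVENTS):
        print(f"[ALERT] {f['user']} ran {f['command_line']!r} "
              f"and opened lsass.exe with GrantedAccess {f['granted_access']}")
```

Run against the sample data, only the procdump record is reported: the Defender engine is allowlisted and notepad's access lacks the VM_READ bit. The same shape (access-mask filter, allowlist, join on process GUID) is what the KQL version of this hunt does over DeviceProcessEvents and DeviceEvents in Sentinel or MDE Advanced Hunting.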


🎯 Career Direction

Building toward a SOC Analyst role where I can:

  • Investigate alerts independently
  • Recognise attacker behaviour patterns
  • Communicate findings clearly
  • Continuously improve detection quality

Pinned repositories

  1. Ash-soc

  2. Threat-Hunt--corphealth-soc-investigation

    Structured SOC investigation of privileged account misuse using Microsoft Defender Advanced Hunting (KQL).

  3. Vulnerability-Management-Program-Implementation

  4. windows11-stig-remediation (PowerShell)

    Hands-on Windows 11 DISA STIG remediation project using Tenable Nessus, Group Policy, and PowerShell, with a focus on SOC-relevant hardening and validation.