Technical Blog

Writeups & Research

In-depth technical content on Azure Sentinel, KQL detection engineering, OSINT methodology, and SOC operations — written for security practitioners.

Articles: 3

Topics: SIEM · OSINT · Detection

Status: Coming Soon

01 · SIEM Engineering · 12 min read

Building a Global Threat Map with Azure Sentinel and Honeypots

A step-by-step walkthrough of deploying a honeypot to capture real-world attack data and visualizing 20,000+ malicious logon attempts on a live Azure Sentinel world map dashboard using KQL analytics rules.

Tags: Azure Sentinel, KQL, Honeypot, Threat Visualization
Coming Soon

Full writeup in progress — check back soon.

02 · Detection Engineering · 15 min read

KQL Queries Every SOC Analyst Should Know

A curated reference of essential KQL (Kusto Query Language) queries for SOC analysts — covering log correlation, anomaly detection, brute-force alerts, lateral movement indicators, and incident triage workflows in Azure Sentinel.

Tags: KQL, SIEM, Azure Sentinel, SOC Operations
Coming Soon

Full writeup in progress — check back soon.

03 · Threat Intelligence · 10 min read

OSINT Workflow for Threat Intelligence: Tools and Methodology

An end-to-end OSINT methodology for threat intelligence gathering — from passive reconnaissance with Maltego and Shodan, to Python-automated enrichment pipelines that feed into SOC L1 analyst triage workflows.

Tags: OSINT, Threat Intelligence, Python, Security Automation
Coming Soon

Full writeup in progress — check back soon.

More articles on SOC operations, penetration testing, and security automation are in progress.
