DFIR
Disk, memory, and log forensics. Incident reconstruction and timeline
analysis.
SOC
Alert triage and event correlation. Identifying attacker behaviour in the
noise.
Malware Analysis
Static and dynamic sample analysis. IOC extraction and capability mapping.
Threat Intelligence
Hypothesis-driven hunting across logs and telemetry for hidden attacker
activity.
Cloud
Cloud-native forensics across AWS, Azure, and GCP. Logs, misconfigs, and
breaches.