santinoholmes1979/README.md

Ryan Holmes

Python | Cybersecurity | Threat Hunting | MITRE ATT&CK | Zero Trust | AI Security

Cybersecurity Engineering | Detection Engineering | Threat Hunting | AI Security Analytics

Security & Risk Analysis graduate and U.S. Navy veteran building AI-assisted cybersecurity analytics platforms and detection engineering tools.

I build systems that model how modern Security Operations Centers convert security telemetry into investigations through detection engineering, threat hunting, attack chain reconstruction, and analyst workflows.

Core Security Platforms

These projects form the core of my security analytics portfolio and collectively model different layers of modern SOC analytics and investigation workflows.

AISOP – AI Security Operations Platform
AI-assisted SOC platform modeling how modern security teams convert telemetry into investigations.

AI Threat Hunter
Telemetry-driven threat hunting environment for exploring suspicious behavior across security events.

AI Attack Chain Analyzer
Security analytics system that reconstructs adversary activity across the MITRE ATT&CK framework.

AI EDR Threat Hunting Lab
Detection engineering environment simulating behavioral analytics used by endpoint security platforms.
Portfolio Architecture

This portfolio simulates the workflow of a modern Security Operations Center.

Pinned

  1. aisop (Public)

    AI Security Operations Platform with incident correlation, MITRE ATT&CK mapping, attack chain reconstruction, and SOC investigation workflow.

    Python

  2. ai-threat-hunter (Public)

    AI-assisted threat hunting lab built with Python and Streamlit for telemetry analysis, suspicious pattern detection, and SOC investigation workflows.

    Python

  3. ai-attack-chain-analyzer (Public)

    AI-assisted SOC investigation dashboard that reconstructs cyber attack chains from endpoint telemetry and maps activity to MITRE ATT&CK techniques.

    Python

  4. ai-zero-trust-analytics (Public)

    AI-assisted security analytics project exploring Zero Trust architecture through identity and access anomaly detection.

    Python

  5. ai-rmf-log-analyzer (Public)

    Offline-first RMF / NIST 800-53 log detection and executive reporting pipeline (auditable outputs).

    Python

  6. ai-siem-detection-lab (Public)

    Microsoft Sentinel SIEM lab: Azure Activity ingestion, KQL analytics rules, and incident validation.