I run a small lab environment to test logging pipelines, detection ideas, and automation patterns. This hands-on approach supports continuous learning and helps me stay current with evolving tools and techniques.

The lab is designed for practical experimentation rather than production replication. It provides a safe space to try new approaches, validate concepts, and build skills that translate directly to real-world OT security challenges.

Areas of Exploration

Telemetry & Log Pipelines

Testing data collection approaches, log forwarding patterns, and data normalisation techniques for diverse source types.

Detection Engineering

Developing and testing detection logic, understanding alert thresholds, and building practical runbooks for common scenarios.

Dashboard & Visualisation

Creating effective visualisations that answer operational questions and support efficient triage workflows.

Alert Tuning

Experimenting with tuning strategies to reduce noise and improve signal quality without losing visibility.

Automation Workflows

Building automation to reduce toil, improve consistency, and accelerate common security operations tasks.

Visibility Patterns

Exploring approaches to visibility in constrained environments where traditional IT monitoring may not apply.

Tooling Interests

While specific tooling varies by environment and requirement, these are areas I actively explore and maintain familiarity with:

Log Platforms & SIEM
Splunk
Detection Frameworks
Automation & Orchestration
Network Visibility
IDS/IPS Concepts
Scripting & Integration
Containerisation

Continuous Learning

The lab is part of a broader commitment to continuous professional development. Cybersecurity evolves rapidly, and hands-on experimentation is essential for staying current with both threats and defences.

This practical approach complements formal qualifications and professional memberships, ensuring that theoretical knowledge is grounded in real experience with tools and techniques.

This page describes a personal learning environment. No sensitive information, internal configurations, or production system details are shared. All content is framed for educational and professional development purposes.