Portfolio Changelog
This page tracks meaningful changes to sudoRunner.
I am treating the site like a real portfolio product: content is added, reviewed, renamed, reorganized, and cleaned up over time. The goal is not just to keep adding pages. The goal is to make the site easier to review, more honest, more usable, and more useful for ServiceNow SecOps, cybersecurity, GRC, and technical reviewers.
Why this page exists: The changelog shows how the portfolio has evolved: new evidence added, pages reorganized, HCI issues fixed, course-coded naming normalized, and sensitive work kept portfolio-safe.
June 2026
#Homepage Redesign
Reworked the homepage so the review path is clearer. “Start Here” is now the obvious primary action, with secondary actions and featured areas centered underneath.
HCI
Course-Coded Project Naming
Normalized academic project names across the site so projects consistently use course codes such as CYBER 440, CYBER 366, IST 456, IST 454, SRA 311, IST 331, and IST 495.
Content Cleanup
Project Gallery Rebuild
Reorganized the Projects page so the strongest evidence appears first, followed by supporting incident response, forensics, malware, GRC, cloud, HCI, software, and foundational work.
Projects
Capabilities Page Rebuild
Rebuilt the capability map so it connects specific skills to specific evidence instead of reading like a generic skills list.
Evidence Map
Review Paths Rewrite
Rewrote role-based review paths for recruiters, ServiceNow reviewers, cybersecurity analysts, incident response reviewers, GRC reviewers, OT/ICS reviewers, cloud reviewers, and HCI/software reviewers.
Navigation
Start Here Rewrite
Turned Start Here into a true front desk for the portfolio, with a clear fast review path and guidance on what to read first.
Reviewer Flow
Research & Labs Cleanup
Separated Research & Labs from the main Projects page so it focuses on ServiceNow SecOps, Vulnerability Response, CYBER 366, CYBER 262, and IST 451 lab work.
Research Labs
Resume, About, Credentials, and Opportunity Fit Rewrites
Updated the high-traffic personal pages so they sound more direct, less generic, and more honest about primary strengths, supporting areas, and developing interests.
Core Pages
New Portfolio Evidence Added
#Added a capstone investigation page covering phishing, malware activity, forensic images, memory artifacts, logs, incident timeline development, impact assessment, and remediation planning.
Flagship Evidence
Added an incident response planning page focused on NIST 800-61, CSIRT structure, communication, containment, recovery, disaster recovery, business continuity, and cybersecurity writing.
IR Planning
Added malware analysis evidence covering static analysis, dynamic analysis, unpacking, FLOSS, PE review, ProcMon, RegShot, IDA Pro, Ghidra, Binary Ninja, and anti-debugging awareness.
Malware Analysis
Added selected forensics evidence covering image creation, image mounting, hash verification, registry analysis, data carving, deleted file recovery, and AI/IoT forensics research.
Forensics
Added security risk management evidence covering Enigma Glass SIEM-style investigation, ransomware, compromised credentials, data exfiltration, ISO 27000 concepts, compliance, and contingency planning.
Risk / GRC
Added professional internship evidence covering networking lab modernization, technical research, lab validation, documentation, rubrics, teamwork, and supervisor-facing communication.
Internship
Additional Academic Evidence Added
#Adds cyber law, privacy, surveillance, CFAA, cybersquatting, digital governance, and cybercrime analysis.
GRC
Adds risk analysis, source credibility, analytic confidence, weighted ranking, threat modeling, and risk treatment.
Risk Analysis
Adds decision theory, decision matrices, decision trees, risk/ignorance, expected value, group decisions, and behavioral decision-making.
Decision Theory
Adds cloud, virtualization, containers, OpenStack, Docker, mTLS, zero trust concepts, workflow modeling, and SECaaS strategy.
Cloud Security
Adds the HCI evidence behind the portfolio’s usability focus: user research, Figma prototypes, usability testing, and iterative redesign.
HCI
Adds early information security tool exposure: OWASP ZAP, Wireshark, SPARTA, OpenVPN, pfSense, Active Directory, file system forensics, and Splunk.
Foundations
Software and Application Development Evidence Added
#Adds application design studio evidence: proposal, noun/verb analysis, OOP model, MVC, persistence, task queues, GUI workflow, and testing.
Application Design
Adds intermediate Java evidence: inheritance, abstract classes, interfaces, polymorphism, Swing GUI, validation, and application structure.
Intermediate Java
Adds introductory Java progression: class design, constructors, methods, encapsulation, arrays, ArrayLists, inheritance, and model/data separation.
Java Basics
HCI and Branding Fixes
#Clickable vs Static Elements
Improved the distinction between real buttons, links, status labels, badges, honors, and static information panels.
Usability
Credential Layout
Reworked education, credentials, honor societies, and certifications into cleaner static panels and record rows.
Credentials
Cum Laude Styling
Fixed inconsistent Cum Laude styling so it appears as academic honor text instead of a fake button or badge.
Visual Polish
Contact Page
Cleaned up the contact page so contact methods read as structured contact records instead of broken or fake button elements.
Contact UX
Favicon / Brand Fix
Replaced the default Blowfish browser favicon with the sudoRunner terminal-style icon.
Branding
Mobile Layout Cleanup
Improved mobile layout behavior, spacing, card stacking, button visibility, and safe-area handling across key pages.
Mobile HCI
Current Direction
#Keep the hierarchy honest.
#Not every page is a flagship project. Some pages show strong evidence; others show foundations and progression. The site should make that clear.
Evidence Hierarchy
Keep the voice human.
#The portfolio should sound like my work, not generic brochure copy. Strong pages should explain what I actually did and why it matters.
Human Voice
Keep publishing carefully.
#The site should show meaningful cybersecurity work without exposing raw malware, forensic evidence, private lab files, full academic answers, credentials, or client-sensitive information.
Security First