Skip to main content
sudoRunner
sudoRunner

Projects

Portfolio Gallery

This page is organized by review value, not just by course number.

The first section is what I would point to first for ServiceNow SecOps, cybersecurity analyst, incident response, forensics, or GRC conversations. The later sections fill in the technical foundation behind that work: networking, risk analysis, HCI, cloud, software development, and web design.

Publishing note: These are public summaries. I do not publish raw lab files, malware samples, forensic images, full academic answers, credentials, private screenshots, client information, or sensitive implementation details.

Start Here: Strongest Evidence
#

ServiceNow SecOps Lab Hub
#

This is the most directly career-aligned section of the portfolio. It covers Vulnerability Response workflow thinking: vulnerable item triage, assignment ownership, remediation tracking, validation, exceptions, and closure.

Primary Focus ServiceNow SecOps

CYBER 440: Cybersecurity Capstone Incident Response & Forensics
#

A capstone investigation where I had to connect multiple evidence sources into one incident story: phishing, malware activity, forensic images, memory artifacts, logs, affected systems, impact, and remediation.

Capstone Incident Response

CYBER 366: Malware Analytics & Reverse Engineering Lab Collection
#

Hands-on malware analysis work covering static analysis, dynamic analysis, UPX unpacking, strings/FLOSS, ProcMon, RegShot, IDA Pro, Ghidra, Binary Ninja, anti-debugging, and keylogging indicators.

Malware Analysis Reverse Engineering

IST 454: Computer & Cyber Forensics Lab Evidence
#

Selected forensic evidence from the course: forensic imaging, mounting, hash verification, registry analysis, data carving, deleted file recovery, and AI/IoT forensics research.

Digital Forensics Evidence Handling

IST 456: Security & Risk Management with Enigma Glass Labs
#

Security management work that bridges SOC-style investigation and GRC: ransomware, compromised credentials, data exfiltration, ISO 27000 concepts, policy, contingency planning, and risk-based recommendations.

Risk Management GRC + SOC

IST 495: Penn State College of IST Network Lab Development Internship
#

Professional internship experience with Penn State College of IST. I worked on networking lab modernization, technical research, lab validation, documentation, rubrics, teamwork, and supervisor updates.

Internship Networking

Incident Response, Forensics, Malware, and Security Operations
#

Project
Why it matters
Area
CYBER 342W: Incident Response, Disaster Recovery & Business Continuity Planning
This is the planning side of incident response: NIST 800-61, CSIRT structure, communication, containment, recovery, DR/BC, and post-incident lessons learned.
IR Planning
IST 451: Malware-Based Attack Investigation Lab
A defensive investigation lab focused on suspicious traffic, firewall logs, containment, spoofing indicators, packet capture review, and process identification.
Investigation
IST 451: Security Labs Collection
A broader security lab collection covering service identification, Apache hardening, OpenVAS, SQL injection concepts, malware analysis, IDS concepts, and wireless security.
Security Labs
CYBER 262: Security Foundations Lab Collection
A hands-on foundation course: Linux logs, Python parsing, host-based defense, Wazuh, Snort, Splunk, 2FA, and buffer overflow concepts.
Foundations
SRA 221: Information Security Foundations Lab Collection
Earlier security-tool exposure: OWASP ZAP, reconnaissance, Wireshark, SPARTA, OpenVPN, pfSense, Active Directory, file system forensics, and Splunk.
Intro Security
CYBER 362: Network Traffic Analysis & ML-Based Anomaly Detection
Packet investigation, suspicious file analysis, Splunk review, clustering, supervised machine learning, and anomaly detection concepts.
Traffic + ML

GRC, Risk, Privacy, and Decision Analysis
#

Project
Why it matters
Area
IST 432: Cyber Law, Privacy & GRC Case Analysis
Cyber law and governance work: privacy, surveillance authority, Fourth Amendment concerns, CFAA authorization boundaries, cybersquatting, platform governance, and cybercrime scenarios.
Cyber Law
SRA 311: Risk Analysis in a Security Context
Applied risk analysis: analytic confidence, source credibility, risk matrices, weighted ranking, organizational risk maturity, cyber hygiene, threat modeling, and risk treatment.
Risk Analysis
SRA 231: Decision Theory & Analysis for Security Reasoning
The decision-theory foundation behind risk work: decision matrices, decision trees, decisions under ignorance, decisions under risk, expected value, and group decisions.
Decision Theory

OT/ICS, Cloud, HCI, and Software Foundations
#

Project
Why it matters
Area
IST 451: ICS/IT-OT Application-Level DoS Attack Lab
OT/ICS security work focused on SCADA visibility disruption, application-level DoS behavior, operational impact, and recovery validation.
OT/ICS
IST 402: Cloud Virtualization, Containers & SECaaS Architecture
Cloud and emerging technology work: Hyper-V, OpenStack, Docker, Docker Compose, secure cloud architecture, mTLS, zero trust, workflow modeling, and SECaaS strategy.
Cloud Security
IST 331: User-Centered Design & Booking.com Redesign
The HCI evidence behind how I think about usability: user research, low/high-fidelity prototypes, Figma collaboration, usability testing, and iterative redesign.
HCI
IST 261: Productivity Assistant Application Design Studio
Application design work with requirements thinking, noun/verb analysis, OOP modeling, MVC, persistence, task queues, GUI workflows, and testing.
App Design
IST 242: Intermediate Java & Object-Oriented Application Development
Intermediate Java work with inheritance, abstract classes, interfaces, polymorphism, Swing GUI development, validation, and cleaner application structure.
Intermediate Java
IST 240: Introductory Java Programming & OOP Lab Progression
The early Java foundation: classes, constructors, methods, encapsulation, inheritance, arrays, ArrayLists, search logic, and model/data separation.
Java Basics
IST 311: Java Data Structures, OOP & Software Engineering Foundations
The stronger software engineering layer: data structures, Big-O, object-oriented design, UML/CRC, testing, debugging, and Git workflow practice.
Data Structures
IST 250: Uphill Struggle Bicycles Web Design Project
Early web design work with page structure, navigation, front-end presentation, usability thinking, and building a complete website concept.
Web Design

Concepts and Site-Building Work
#

AI-Powered Vulnerability Ownership Recommender
#

A concept for AI-assisted ServiceNow SecOps decision support: vulnerable item ownership, assignment group routing, remediation path suggestions, escalation priority, and analyst-reviewed recommendations.

AI SecOps Concept

sudoRunner Portfolio Website
#

This website is also a project: Hugo, Blowfish, GitHub, Cloudflare Pages, DNS, email routing, custom styling, mobile HCI fixes, favicon branding, guided review paths, and security-conscious publishing.

Hugo + Cloudflare HCI

Quick Review Guidance
#

Best for ServiceNow / Vulnerability Response
#

Start with the ServiceNow SecOps Lab Hub, then review IST 456 and the AI ownership recommender concept.

SecOps Path

Best for Cybersecurity Analyst Roles
#

Start with CYBER 440, CYBER 366, IST 454, CYBER 362, CYBER 262, and IST 456.

Analyst Path

Best for GRC / Risk Conversations
#

Start with IST 456, IST 432, SRA 311, SRA 231, and CYBER 342W.

Risk Path

ServiceNow SecOps CYBER 440 Capstone CYBER 366 Malware Capabilities