Research & Labs
This section is for hands-on lab work and technical notes.
The project gallery has the full course-coded evidence map. This page is narrower: ServiceNow SecOps workflow work, malware/security labs, and the technical lab collections that best show how I work through systems, evidence, and process.
How to read this section: Start with ServiceNow SecOps if you are reviewing role fit. Start with CYBER 366 if you want malware analysis. Start with CYBER 262 or IST 451 if you want broader security foundations.
Start Here
ServiceNow SecOps Lab Hub
This is the most career-aligned lab section. It focuses on Vulnerability Response workflow: vulnerable item triage, ownership, remediation tracking, validation, exceptions, and closure.
This is where I would send someone first for ServiceNow SecOps or Vulnerability Response conversations.
ServiceNow VR Triage Checklist
A practical checklist for thinking through vulnerable item intake, risk review, assignment group ownership, remediation path, exception handling, validation, and closure.
This is shorter than the lab hub and easier to review quickly.
Malware and Security Lab Collections
CYBER 366: Malware Analytics & Reverse Engineering Lab Collection
This is the strongest malware-analysis lab collection in the portfolio.
It covers static analysis, dynamic analysis, packed executables, UPX, FLOSS, PE inspection, ProcMon, RegShot, IDA Pro, Ghidra, Binary Ninja, anti-debugging behavior, and keylogging indicators.
CYBER 262: Security Foundations Lab Collection
A hands-on security foundations collection covering Linux log analysis, Python parsing, endpoint protection, Wazuh HIDS, Snort NIDS, Splunk, two-factor authentication, and buffer overflow concepts.
This page shows the base layer behind later malware, forensics, and incident response work.
IST 451: Security Labs Collection
A broader security lab collection covering service identification, Apache hardening, OpenVAS, SQL injection concepts, malware analysis, IDS concepts, wireless security, and privilege escalation concepts.
This is a supporting lab collection, not the first page I would send someone to, but it adds useful breadth.
What This Section Shows
Tools Referenced in These Labs
This is not a mastery claim for every tool. It is a map of tools I used or studied in the lab work summarized here.
Lab-Heavy Work Outside This Section
Some of the strongest hands-on work lives under Projects instead of Research & Labs because those pages are bigger than a simple lab note.
CYBER 440 Capstone
The best incident response and forensic investigation story in the portfolio.
Flagship
IST 454 Computer & Cyber Forensics
Forensic imaging, hash verification, registry analysis, data carving, and deleted file recovery.
Forensics
IST 456 Security & Risk Management
Enigma Glass SIEM-style labs covering ransomware, compromised credentials, and data exfiltration.
Risk + SOC
SRA 221 Information Security Foundations
Earlier security-tool exposure: OWASP ZAP, Wireshark, SPARTA, OpenVPN, pfSense, Active Directory, forensics, and Splunk.
Foundational
How I Treat Lab Writeups
Remove the Sensitive Parts
I do not publish raw submissions, malware samples, private screenshots, credentials, exact lab artifacts, or full solution steps.
Redacted
Connect It to Roles
The goal is not to show that I completed a class. The goal is to show what the work proves about how I investigate, document, and think through security problems.
Evidence