Incident Response

When a security incident happens, quick and effective action is critical. I focus on identifying, containing, and mitigating threats while investigating their root cause. My approach includes analyzing logs, detecting persistence techniques, and building clear timelines of attacker activity to reduce downtime and prevent future breaches.