Brian Whipp
Portfolio of Cybersecurity Work
Here you can see some of the cybersecurity experience I have gained through work and through the program at UT Austin, including cybersecurity analysis, penetration testing, and digital forensics.
SIEMs
SECURITY INFORMATION AND EVENT MANAGEMENT
Automated threat detection and response is the obvious choice for protecting important systems and data. Through the UT Austin program we did many labs setting up and experimenting with SIEMs such as Splunk, configuring baseline-based and signature-based intrusion detection and response. We learned the Splunk query language to sort through large quantities of data.
Splunk Dashboard
In addition to setting up automated alerts, we created dashboards and visualizations for reporting.
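As an added illustration of the two detection styles mentioned above, signature-based and baseline-based, here is a small Python script that is not from the UT Austin labs or from Splunk. It parses sshd-style authentication log lines and runs two rules over them: a signature rule (several failed logins from one source followed by a success) and a baseline rule (failed logins on a host exceeding the historical mean by more than three standard deviations). The hostnames, usernames, addresses and historical counts are all constructed for this example; in a SIEM the same logic would be written as a scheduled correlation search.

```python
"""Signature- and baseline-based detection over constructed log lines."""
import re
from collections import Counter
from statistics import mean, pstdev

# Constructed sample: sshd-style events. Hosts, users and addresses are made up.
SAMPLE_LOGS = [
    "Jan 10 09:00:01 web01 sshd[1201]: Failed password for invalid user admin from 203.0.113.5 port 50122 ssh2",
    "Jan 10 09:00:02 web01 sshd[1202]: Failed password for invalid user admin from 203.0.113.5 port 50123 ssh2",
    "Jan 10 09:00:03 web01 sshd[1203]: Failed password for root from 203.0.113.5 port 50124 ssh2",
    "Jan 10 09:00:04 web01 sshd[1204]: Failed password for root from 203.0.113.5 port 50125 ssh2",
    "Jan 10 09:00:05 web01 sshd[1205]: Failed password for root from 203.0.113.5 port 50126 ssh2",
    "Jan 10 09:00:06 web01 sshd[1206]: Accepted password for root from 203.0.113.5 port 50127 ssh2",
    "Jan 10 09:05:10 web01 sshd[1300]: Accepted publickey for deploy from 10.0.0.7 port 41000 ssh2",
    "Jan 10 09:06:00 web01 sshd[1301]: Failed password for alice from 10.0.0.9 port 41001 ssh2",
    "Jan 10 09:06:30 web01 sshd[1302]: Accepted password for alice from 10.0.0.9 port 41002 ssh2",
]

# Constructed history: failed logins per hour on web01 over the previous eight hours.
# A real baseline must be built from data already known to be clean, otherwise an
# attacker who was active during the baseline period raises the threshold.
HISTORICAL_FAILURES = {"web01": [1, 0, 2, 1, 0, 1, 2, 1]}

LINE_RE = re.compile(
    r"^(?P<ts>\w{3} +\d+ \d\d:\d\d:\d\d) (?P<host>\S+) sshd\[\d+\]: "
    r"(?P<result>Accepted|Failed) (?P<method>\w+) for (?:invalid user )?(?P<user>\S+) "
    r"from (?P<src>\d+\.\d+\.\d+\.\d+) port \d+"
)


def parse(lines):
    """Turn raw syslog lines into dicts; lines that do not match are skipped."""
    events = []
    for line in lines:
        m = LINE_RE.match(line)
        if m:
            events.append(m.groupdict())
    return events


def signature_alerts(events, failures_before_success=3):
    """Signature rule: a source that succeeds after N or more failures.

    Failures are counted per source address rather than per user, because
    password guessing commonly rotates usernames from a single address.
    """
    alerts = []
    failures = Counter()
    for e in events:
        if e["result"] == "Failed":
            failures[e["src"]] += 1
        elif failures[e["src"]] >= failures_before_success:
            alerts.append({
                "rule": "bruteforce_then_success",
                "src": e["src"],
                "user": e["user"],
                "failures": failures[e["src"]],
            })
    return alerts


def baseline_alerts(events, history, k=3.0):
    """Baseline rule: failures on a host above mean + k standard deviations."""
    observed = Counter(e["host"] for e in events if e["result"] == "Failed")
    alerts = []
    for host, counts in history.items():
        threshold = mean(counts) + k * pstdev(counts)
        if observed[host] > threshold:
            alerts.append({
                "rule": "failed_logins_above_baseline",
                "host": host,
                "observed": observed[host],
                "threshold": round(threshold, 2),
            })
    return alerts


def run_detections(lines, history=HISTORICAL_FAILURES):
    """Parse the lines once and return both kinds of alert."""
    events = parse(lines)
    return signature_alerts(events), baseline_alerts(events, history)


if __name__ == "__main__":
    sig, base = run_detections(SAMPLE_LOGS)
    for alert in sig + base:
        print(alert)
```

The signature rule fires only for 203.0.113.5 (five failures, then a successful root login); alice's single typo followed by a success stays below the threshold. The baseline rule fires because six failures in the current hour is well above the historical mean of one.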
Governance, Risk, Compliance
Business Impact Analysis
Data Privacy
Privacy is the core principle of cybersecurity, and businesses and individuals alike are subject to the threat of cyberattacks. Attacks and breaches from internal and external threats can disrupt operations, cost money, and cause reputational damage.
Luckily there are regulations, standards, tactics, strategies, and frameworks that can mitigate weaknesses and safeguard against attacks.
By following a structured process, we can analyze business operations, identify risks and vulnerabilities, develop a response, and enact a plan to make processes secure. With proper staff training and periodic testing, cyberattack incidents can largely be avoided. This saves companies time, money, and data, and keeps their reputations secure.
Regulatory groups have created paths for businesses to follow, such as SOC audits and the International Organization for Standardization security frameworks, to assure their own organization and those who want to do business with them that they operate with the highest standards of security and data protection. Furthermore, many countries and industries have adopted data protection regulations to ensure that customer data is safe and that businesses are secure and accountable.
Through my training I have looked in depth at many of these business strategies and security standards. I have used many tools to provide a business analysis, identify risks and vulnerabilities, mitigate those risks, and come up with a plan for future and ongoing security.
Business Analysis - Penetration Test Report
For this project we did an actual penetration test of a fictitious company's website. After the analysis we had to write a report showing our findings and recommended mitigations. Please feel free to take a look or download the pdf from the link to the right.
PENETRATION TESTING
A large part of the focus of the UT Austin Cybersecurity program was on specific cyberattacks and system hardening. We did labs on a myriad of attack techniques, from password cracking, to network traffic analysis and packet sniffing, to social engineering attack methods. We studied the steps of penetration testing in different environments. We also went over the formalities and legalities of engaging in this kind of work with a business or organization. We participated in Capture The Flag challenges as well, to test our skills in finding hidden information on hard drives and web servers.
The following are the relevant system administration and penetration testing tools and methodologies I have worked with:
- Windows and Linux system administration and hardening
- Penetration testing rules of engagement
- White box, grey box and black box scenarios
- Passive reconnaissance, including:
  - Advanced web searching techniques
  - Certificate Transparency
  - Shodan.io
  - Recon-ng
- MITRE ATT&CK Framework
- Metasploit
- Exploit-DB
- Cross-site scripting
- Code injection techniques
- Privilege escalation scripts
- Password cracking
- Social engineering techniques
- Watering hole attacks
- DNS redirect attacks
- Webhooks
- Session replay attacks
- Various other cyberattack methods
CLOUD COMPUTING
Cloud computing and the use of virtual machines and networks are the future of computing technology. With cloud storage already widely in use, it is only a matter of time before more virtual and cloud-based infrastructure is commonplace.
In the UT program, I got experience setting up virtual machines and networks in Azure. As an IT manager and system administrator, I felt this work was an extension of my previous experience.
We also set up security features to make the virtual machines more secure, including jump servers, reverse proxies and remote administration.
I think I could excel in this area of work and plan on pursuing certifications in the future.
VIRTUAL NETWORKS
Linux
Since it is one of the top operating systems and is actively used for web, database, file, email and other types of shared servers, I am very enthusiastic about Linux administration. The majority of our classwork through the UT program was done in Linux, and I am very comfortable with the Linux operating system, file systems, installation, peripherals, and scripting.
Coding
Languages:
Objective-C
Swift
JavaScript
HTML/CSS
PHP
Python
SQL
XML
Java
Bash
I have done some form of coding since LogoWriter in the third grade, moving on to HTML, and then having more advanced concepts finally click in my Interactive Animation class in college using ActionScript 2.0. Since then I have worked with many coding languages, including Python, JavaScript and PHP, and extensively with Objective-C. I have published several mobile apps making use of many of the iPhone's capabilities.
Digital Forensics
Digital forensics is one of the most interesting areas of cybersecurity and one I would love to get into.
Through the UT Austin program we went over the steps of the digital forensic process.
We learned a number of different ways to make forensic backups.
We also learned the digital forensics tool Autopsy and used it to search for data from iPhones to uncover evidence.