Network: Identification of malicious infrastructure and exfiltration.

Endpoint: Identifying, containing malware and proactively establishing rules to prevent infection.

SEGS: Understanding of the email gateway system, identified holes from infections to add more layers of prevention.

SIEM: Experienced/trained in SIEM technologies.

Cloud: Actively monitored abnormal sign-ins/creating massive queries from feeds to compare to sign-in logs.

Custom Tools: Creation of Python security applications.

See demos in analysis of malware identification and prevention