srkyn/README.md


David Sarkisyan

New York City. Defensive security tools and detection logic for IAM, endpoint, and SOC workflows. All work is read-only, evidence-first, and publicly reproducible.



Credentials

  • CySA+ certified · Splunk Core User
  • TryHackMe top 1% · 120+ rooms · SOC, SIEM, EDR, Splunk, Wireshark, phishing analysis, Linux, network defense · Profile
  • OWASP and ISC2 community member

Featured Work

| Project | Focus | Artifact |
| --- | --- | --- |
| STIGPilot | DISA STIG change triage, remediation backlog generation, evidence checklists, ticket-ready exports, PowerShell government mode | Chrome demo |
| IdentityRiskGraph | CloudTrail IAM event detection, nested access path resolution, MITRE-mapped findings, Streamlit investigation dashboard | Screenshots |
| Splunk Detection Content | SPL detections mapped to MITRE ATT&CK with tuning notes, false-positive paths, and triage playbooks | Playbooks |
| lapse | Entra ID stale-device review using interactive sign-in evidence to eliminate false positives from background sync | Demo |
| relic | Active Directory hygiene review for stale users, service accounts, disabled-but-still-membered accounts, and non-expiring passwords | Demo |
| ai-lms-security-case-study | Authorized assessment case study: access boundaries, control review, remediation paths, and redaction discipline | Control matrix |
| undertaker | Read-only scheduled task auditor for cron, systemd timers, and Windows Scheduled Tasks | Demo |
| browser-bailiff | Browser extension permission, host access, age, and review-reason auditor for Chrome, Edge, and Firefox | Demo |
| home-network-security | Sanitized OPNsense and Proxmox home network security control plane: firewall policy, DNS security, CrowdSec, logs, canary alerts | Design rationale |

What the tools cover together

STIGPilot handles compliance change triage. lapse and relic handle identity hygiene across Entra ID and on-premises Active Directory. IdentityRiskGraph and splunk-detection-content handle detection logic and SOC investigation workflows. undertaker and browser-bailiff handle scheduled job and browser extension risk review. home-network-security documents a production-style OPNsense and Proxmox home network security control plane.


Contact

  • Website: srkyn.com
  • Email: contact [at] srkyn.com
  • LinkedIn: linkedin.com/in/srkyn

Pinned

  1. stigpilot (Public)

    Local Python CLI that compares DISA STIG XCCDF releases and generates impact summaries, remediation backlogs, evidence checklists, and ticket-ready exports.

    Python 1

  2. lapse (Public)

    Entra ID device hygiene tool using Graph sign-in evidence to reduce stale-device false positives.

    Python

  3. IdentityRiskGraph (Public)

    Identity-first detection engineering app for CloudTrail IAM events, nested access paths, and explainable SOC risk investigation.

    Python

  4. splunk-detection-content (Public)

    Splunk detection and triage notebook with lab-based SPL, MITRE ATT&CK mapping, tuning notes, and analyst playbooks.

    Python

  5. relic (Public)

    Active Directory hygiene auditor for stale objects, risky group remnants, non-expiring passwords, and aging service accounts.

    Python

  6. browser-bailiff (Public)

    Read-only browser extension risk auditor for Chrome, Edge, and Firefox permissions, age, and host access.

    Python