Ewaldo Simon Hiras

@asimon

Blue teamer

Joined August 2024

About

I am a information security professional with interest mainly in defenses/ blue teaming. I enjoy leisure running 🏃‍♂️ and PC games.

Available for

Nothing here yet.

Ewaldo Simon Hiras's blogs

Ewaldo Simon Hiras's Blogaldosimon.com35 posts

Articles Comments

Recently published

ESEwaldo Simon Hirasaldosimon.comNov 10, 2025 · 5 min read

Detection Pipeline for CloudTrail Detection Engine

Prolog I needed to come up with a detection for an AWS environment, that is cheap, will take custom detection (preferably Sigma rule for easier maintenance) and somewhat flexible/ customizable. I ended up using with the Lambda that consume sigma and ...

0

ESEwaldo Simon Hirasaldosimon.comOct 7, 2025 · 6 min read

About idleak.net

Prologue Cyber security is always evolving. No matter which topic of cyber you are working with, there is always a need to know and learn new stuff, constantly. On one hand, this means a never ending fun, finding out new stuff and trying out stuff, b...

0

ESEwaldo Simon Hirasaldosimon.comSep 26, 2025 · 6 min read

CloudTrail Detection Engine

TLDR: CloudTrail detection engine (CTDE), is an AWS native (i.e. using lambda and CloudTrail) detection engine. Requirement and Research For one of the work I did, I needed to come up with a detection for an AWS environment, that is cheap, will take ...

0

ESEwaldo Simon Hirasaldosimon.comAug 3, 2025 · 7 min read

If I were to start validating my cloud detection...

Prologue I had an interesting 45 minute conversation with a security engineer from a mostly-cloud company. We talked about how would one start a detection assessment program, mainly brainstorming ideas on what to test. It was an impromptu chat (kind ...

0

ESEwaldo Simon Hirasaldosimon.comJun 21, 2025 · 2 min read

What Are Indicators of Compromise (IOCs) and Why Do They Matter?

This article is an excerpt from my piece originally published on cdef.id. You can read the full article here. Indicators of Compromise (IOCs) are simply evidence that a cyber intrusion has occurred. They are the digital breadcrumbs left behind by att...

0

Ewaldo Simon Hiras

About

Available for

Ewaldo Simon Hiras's blogs

Recently published

Detection Pipeline for CloudTrail Detection Engine

About idleak.net

CloudTrail Detection Engine

If I were to start validating my cloud detection...

What Are Indicators of Compromise (IOCs) and Why Do They Matter?

Search Hashnode

Ewaldo Simon Hiras

About

Available for

Ewaldo Simon Hiras's blogs

Recently published

Detection Pipeline for CloudTrail Detection Engine

About idleak.net

CloudTrail Detection Engine

If I were to start validating my cloud detection...

What Are Indicators of Compromise (IOCs) and Why Do They Matter?