Ewaldo Simon Hiras

@asimon

Blue teamer

Joined August 2024

About

I am a information security professional with interest mainly in defenses/ blue teaming. I enjoy leisure running 🏃‍♂️ and PC games.

Available for

Nothing here yet.

Ewaldo Simon Hiras's blogs

Ewaldo Simon Hiras's Blogaldosimon.com35 posts

Articles Threads Comments

Recently published

aldosimon.com

Detection Pipeline for CloudTrail Detection Engine

Prolog I needed to come up with a detection for an AWS environment, that is cheap, will take custom detection (preferably Sigma rule for easier maintenance) and somewhat flexible/ customizable. I ended up using with the Lambda that consume sigma and ...

Nov 10, 20255 min read

aldosimon.com

About idleak.net

Prologue Cyber security is always evolving. No matter which topic of cyber you are working with, there is always a need to know and learn new stuff, constantly. On one hand, this means a never ending fun, finding out new stuff and trying out stuff, b...

Oct 7, 20256 min read

aldosimon.com

CloudTrail Detection Engine

TLDR: CloudTrail detection engine (CTDE), is an AWS native (i.e. using lambda and CloudTrail) detection engine. Requirement and Research For one of the work I did, I needed to come up with a detection for an AWS environment, that is cheap, will take ...

Sep 26, 20256 min read

aldosimon.com

If I were to start validating my cloud detection...

Prologue I had an interesting 45 minute conversation with a security engineer from a mostly-cloud company. We talked about how would one start a detection assessment program, mainly brainstorming ideas on what to test. It was an impromptu chat (kind ...

Aug 3, 20257 min read

aldosimon.com

What Are Indicators of Compromise (IOCs) and Why Do They Matter?

This article is an excerpt from my piece originally published on cdef.id. You can read the full article here. Indicators of Compromise (IOCs) are simply evidence that a cyber intrusion has occurred. They are the digital breadcrumbs left behind by att...

Jun 21, 20252 min read

Ewaldo Simon Hiras

About

Available for

Ewaldo Simon Hiras's blogs

Recently published

Detection Pipeline for CloudTrail Detection Engine

About idleak.net

CloudTrail Detection Engine

If I were to start validating my cloud detection...

What Are Indicators of Compromise (IOCs) and Why Do They Matter?

Search Hashnode

Ewaldo Simon Hiras

About

Available for

Ewaldo Simon Hiras's blogs

Recently published

Detection Pipeline for CloudTrail Detection Engine

About idleak.net

CloudTrail Detection Engine

If I were to start validating my cloud detection...

What Are Indicators of Compromise (IOCs) and Why Do They Matter?