Skip to content
View at0mikd's full-sized avatar

Block or report at0mikd

Block user

Prevent this user from interacting with your repositories and sending you notifications. Learn more about blocking users.

You must be logged in to block users.

Maximum 250 characters. Please don’t include any personal information such as legal names or email addresses. Markdown is supported. This note will only be visible to you.
Report abuse

Contact GitHub support about this user’s behavior. Learn more about reporting abuse.

Report abuse
at0mikd/README.md

Tomás da Silveira

Security Researcher & SOC Analyst | Detection Engineering, SIEM, Bug Bounty Hunter | Full Stack & DevOps background | Building a home SOC lab in public

📍 Buenos Aires, Argentina 👤 LinkedIn 🐛 Bugcrowd ✉️ tomasda7@outlook.com


🛡️ About Me

I am a security researcher and SOC analyst in transition from Argentina, with a foundation in full stack development and DevOps (Go, Docker, Kubernetes, Jenkins).

My path into security is deliberately hands-on: instead of relying on academic credentials, I build verifiable evidence — validated bug bounty findings, a fully documented home SOC lab, and industry certifications. I hold the ISC2 Certified in Cybersecurity (CC) and completed the Cybersecurity Architect career track (287 accredited hours, EducaciónIT & Manhattan University) with specializations in SOC Operations and Cloud DevOps.

As a bug bounty researcher on Bugcrowd, I reported a validated IDOR / Broken Access Control vulnerability under coordinated disclosure, rated against Bugcrowd's Vulnerability Rating Taxonomy (VRT) and documented in a full technical writeup.

I also run a web development and automation agency for local businesses, where I apply secure development practices and run security assessments on everything I ship.

My medium-term focus: Cyber Threat Intelligence (CTI) and cloud security.


🛠️ Technologies

Core technology areas:

  • SIEM & monitoring: Wazuh, Splunk, Microsoft Sentinel (in training), log analysis and correlation, alert triage
  • Detection & response: incident response, MITRE ATT&CK, alert severity classification, root-cause analysis, KQL (in training)
  • Offensive security: bug bounty, OWASP Top 10, access control testing (IDOR/BAC), coordinated disclosure
  • Automation & DevOps: Go, Python, Bash, n8n, Docker, Kubernetes, Jenkins, CI/CD
  • Infrastructure: Linux server hardening, TCP/IP, DNS, HTTP/S, cloud computing

Security & detection

Wazuh Splunk Microsoft Sentinel MITRE ATT&CK OWASP Bugcrowd

Automation & DevOps

Go Python Bash n8n Docker Kubernetes Jenkins

Infrastructure & web

TypeScript JavaScript Linux Git GitHub


🏢 Experience

Security Researcher — Bug Bounty Hunter

Bugcrowd (Freelance) Mar. 2025 – Present · Remote

  • Investigate web application vulnerabilities within the scope of Bugcrowd programs, separating genuine security signals from noise.
  • Reported a validated IDOR / Broken Access Control finding under coordinated disclosure, rated against Bugcrowd's VRT and documented in a technical writeup.
  • Manage the full coordinated disclosure lifecycle and communicate risk clearly to program owners.

Full Stack Developer / DevOps — Founder

Web Development & Automation Agency (Freelance) 2024 – Present · Remote

  • Web development and process automation for local small businesses.
  • CI/CD pipelines and containerized workloads with Docker, Kubernetes, and Jenkins; automation in Python.
  • Secure development practices applied across the software lifecycle, with recurring security reviews on delivered systems.

📜 Certifications

Highlighted certifications:

  • ISC2 — Certified in Cybersecurity (CC) · 2026
  • Cybersecurity Architect — EducaciónIT & Manhattan University · 287 accredited hours · SOC Operator and Cloud DevOps specializations · 2026

In progress:

  • Microsoft SC-200 — Security Operations Analyst (Sentinel, KQL, Defender EDR/XDR)
  • Splunk Certified Cybersecurity Defense Analyst
📚 Cybersecurity Architect program — full course list (15 courses)
  • Ethical Hacking
  • Web Security (SQL Injection, XSS)
  • Network Security / Network Hacking
  • Windows Server Hacking
  • Mobile Hacking
  • SOC Operator
  • Digital Forensics
  • Cybercrime & Digital Evidence
  • Linux Security (Server Hardening)
  • Linux SysAdmin · Introduction to Linux
  • Cloud Computing · Cloud DevOps (Docker, Kubernetes, Jenkins)
  • Cryptography & Blockchain
  • Secure Development
  • Introduction to Networking · Introduction to Cybersecurity

📌 Featured Projects

Home SOC Lab

Self-hosted detection lab built to simulate the full detect → investigate → respond cycle:

  • Wazuh as SIEM: log ingestion, parsing, and correlation
  • Custom detection rules mapped to MITRE ATT&CK
  • Automated alerting pipeline with n8n + Discord
  • Alert triage and severity classification practice on real telemetry

Documented in public as both a learning method and verifiable evidence of hands-on work.

IDOR / Broken Access Control — Technical Writeup

Analysis and coordinated disclosure of a validated broken access control vulnerability found through Bugcrowd: root cause, impact assessment, reproduction steps, and remediation guidance, rated against the Bugcrowd VRT.


📚 Currently Learning

  • Microsoft Sentinel & KQL (via SC-200)
  • Microsoft Defender EDR/XDR
  • Splunk detection workflows
  • Threat intelligence foundations: IOCs, TTPs, MISP, STIX/TAXII, YARA, Sigma
  • Threat hunting methodology

🎯 Roadmap

My progression is structured and deliberate:

  1. Now — SOC Analyst Jr / L1: SIEM operations, alert triage, incident documentation
  2. Next — SC-200 certification; deepen detection engineering and EDR/XDR
  3. Then — Specialization in Cyber Threat Intelligence (GCTI / SANS FOR578 on the horizon) and cloud security

Every skill listed on this profile is backed by a certificate, a documented lab, or a validated finding. I prefer verifiable evidence over claims.


🤝 Let's Connect

I am open to:

  • SOC Analyst / Security Analyst opportunities
  • Bug bounty collaboration
  • Open-source security tooling
  • Detection engineering and home lab exchanges

Feel free to reach out through LinkedIn or email.


"Security is not a product, but a process." — Bruce Schneier

Pinned Loading

  1. moviex_api moviex_api Public

    The final project for the Golang course 'Labora-Golang', about a Netflix-like movies API.

    Go

  2. FullStack-Open FullStack-Open Public

    JavaScript

  3. soc-home-lab soc-home-lab Public