Thuynh808/README.md


Website   LinkedIn  

About Me

Infrastructure, cloud, and security focused engineer building automated, observable, and secure systems across enterprise-style environments.

Platforms

AWS   Azure   Linux   RHEL

Hands-on experience operating workloads across AWS and Azure, primarily on RHEL-based Linux systems in cloud and on-prem style environments.

Security & DevSecOps

DISA STIG   Trivy   Elastic   Microsoft Sentinel   KQL   MITRE ATT&CK   Threat Hunting   Nessus   Zeek

Familiar with security-integrated system hardening, container vulnerability scanning, centralized detection, and structured threat hunting using DISA STIGs, Trivy, Elastic Stack, Microsoft Sentinel, KQL, and MITRE ATT&CK.

Containers & CI/CD

Docker   GitHub Actions   AWS ECR   Terraform   Ansible

Designed and operate container workflows that automate the build, scan, and promotion stages through CI/CD pipelines rather than manual deployment processes.

Observability & Networking

Cisco   Syslog   Prometheus   Grafana   Loki   HAProxy

Additional experience includes ingesting metrics, logs, and network telemetry via SNMP and Syslog, with traffic analysis using Zeek to support troubleshooting and incident response.

Project Highlights

Mon1theus
Centralized observability platform for a Layer 3 routed homelab using Prometheus, Loki, Grafana, and SNMP/syslog telemetry, with validated OSPF reconvergence and link-failure visibility during real failover and recovery tests.

Azure Release Verifier
Automated Azure release validation system that scales verification workloads with VM Scale Sets, checks application health post-deployment, and securely stores verification results using Managed Identity and Azure Storage.

STIG-Hardened
Automated DISA STIG scanning, remediation, and validation for RHEL 9 systems using Ansible and SCC, achieving over 80% compliance with repeatable workflows.

ScanOps
End-to-end container security pipeline using GitHub Actions, Trivy, and AWS ECR to enforce vulnerability gating, SBOM generation, and image promotion with automated alerts.

Breach Tracker
AWS-based backend service built on ECS Fargate, an internal ALB, and API Gateway to collect, process, and expose breach data, provisioned with Terraform and Ansible.

Threat Hunts & Investigations

The Helpdesk Deception
Hypothesis-driven threat hunt analyzing misuse of helpdesk access on an intern workstation using Microsoft Sentinel and Defender for Endpoint, focusing on behavioral sequencing, interactive misuse, persistence, and narrative cover techniques rather than single-event alerts.

Tor Browser Usage Detection
Detection-focused threat hunt validating controls against anonymization tools by identifying TOR Browser artifacts, runtime processes, and outbound encrypted connections to known TOR nodes on a corporate endpoint.

Connect
