Iago

threat researcher · detection engineer · SOC consultant

who i am

My name is Iago. I'm a cyber security analyst and researcher and a cryptography enthusiast. I'm currently Co-founder of 8layers and in my day-to-day I work as a Threat Researcher focused on Threat Hunting and Detection Engineering.

I'm also a PhD student in Computer Science at the University of Vigo, working on feature engineering and data enrichment for cyber security AI models. Founder and member of Hackliza, a Galician community (in English and Galician) about cyber security, maths, free software and other stuff. Member of the team "Shandyman and the Three Half Pints", three-time winners of the global OSINT event to find missing people.

With more than 10 years as a DFIR and CTI consultant, security analyst and SOC Manager for Fortune 500 companies and firms listed on IBEX35/NASDAQ, I also offer consulting/SME services to help organisations build and mature their SOCs.

services

If your team is building a SOC from scratch, or already has one running but is drowning in false positives and unclear processes, I can help on three fronts:

SOC consulting

  • Standard Operating Procedures (SOPs)
  • Tierless models (no-tier)
  • SLA, KPI and service metrics review
  • Prioritisation, triage and escalation
  • Tooling selection and integration
  • Scalability and shift models
  • Documentation, templates and automation

threat hunting

  • Hunt campaign planning and MITRE ATT&CK coverage
  • Gap analysis
  • Retro-hunts over historical data
  • Enrichment with OSINT and TIPs
  • Technical and executive reports
  • Internal team enablement

detection engineering

  • From Research (hunting campaign) to Operations (24/7)
  • Detection as code
  • False positive management

projects and publications

contact

If you're considering taking your SOC to the next level, building a hunting program or industrialising your detection engineering, drop me a line.