KyHomelab

Exploring the Digital Universe - One Project at a Time

Read More   ▸ Live HomeLab ◂   ▸ Attack Map ◂   Download Resume
Profile picture of Kyle S

I'm Kyle Stanley, a Security Operations Analyst with hands-on experience in Microsoft Sentinel, threat hunting, and incident response. Currently protecting enterprise environments through proactive security monitoring, custom KQL detection engineering, and Azure security assessments. Built an advanced home lab featuring 15+ integrated security tools including Wazuh SIEM, Suricata IDS, and automated SOAR workflows. Architected a hybrid Azure honeypot that collects real-world threat intelligence and publishes community IOC feeds. Holds CompTIA Security+, Azure Administrator (AZ-104), and CompTIA A+ certifications—actively pursuing Microsoft SC-200. Passionate about turning security theory into production-ready detections, documented playbooks, and measurable risk reduction.


Contact Me Blog Download Resume

Currently Working On


Active projects and initiatives


Unauthorized Software Detection & Remediation

In Progress

Building KQL detection rules and automated PowerShell remediation scripts for rogue RMM tools and PUA browsers in Microsoft Defender

Azure Identity Security Lab

In Progress

Entra ID identity attack detection lab — building 15+ KQL detection rules in Microsoft Sentinel for password spray, MFA fatigue, and privilege escalation, with automated response via Microsoft Graph API and n8n SOAR workflows

Purple Team IR Campaign

In Progress

Full IR lifecycle purple team campaign across 5 attack scenarios using MITRE Caldera, with detections across Wazuh, Suricata, and Sysmon and case management in TheHive

Malware Analysis Pipeline

Active

Automated malware analysis using CAPEv2, Proxmox, and n8n workflows with detection engineering insights from 25+ samples

SOC Lab Environment

Active

Unified SOC lab with OPNsense segmentation, SIEM integration, and Caldera adversary emulation

Latest Blog Posts


Recent writeups and walkthroughs


Replaying 2.7 Million Honeypot Attacks: From GitHub Gist to Interactive Map

May 06, 2026

I had 800 historical snapshots of my Azure honeypot's blocklist sitting in a public GitHub gist — 527 unique attacker...

Building a Live HomeLab Dashboard with Prometheus and Grafana

May 05, 2026

I wanted my portfolio to do something most don't — show real, live infrastructure metrics from my actual lab. So I st...

What's in My HomeLab — 2026 Edition

May 01, 2026

When I wrote the first 'What's in My HomeLab' post in March 2024, the lab was a single Proxmox host with a handful of...


View All Posts

Certifications


Professional credentials and achievements


CompTIA A+

CompTIA | June 2021

Foundational IT certification covering hardware, networking, mobile devices, and troubleshooting

CompTIA Security+

CompTIA | 2021

Industry-standard security certification covering network security, compliance, threats, and cryptography

Azure Administrator Associate

Microsoft | 2023

Microsoft Azure cloud administration certification covering identity, governance, storage, and compute resources

Send me an Email

You Can find me here