Justin Glover

Areas of Focus

Cybersecurity

Pursuing CompTIA Security+ certification to solidify my security foundation. Exam date is Feb. 1, 2026.
Completing SOC and Cybersecurity analyst training to develop skills in threat detection, incident response, and security monitoring.
Exploring AI security to understand vulnerabilities in AI systems and defend against AI-driven threats like adversarial attacks, automated malware, and malicious use of generative AI

AI/ML

Building expertise in AI/ML engineering to enhance automation capabilities and unlock deeper analytical insights.
Exploring machine learning models, and AI applications to solve complex problems.

Featured Cybersecurity Labs

Project 3: Elastic SIEM Lab – Log Ingestion, Attack Detection, MITRE ATT&CK Mapping, Dashboards

Enterprise SIEM lab using Elastic Stack for a dedicated SOC server, ingest endpoint logs, simulate different attack techniques, and create custom detection rules mapped to MITRE ATT&CK for real-world alert investigation.

Read Lab

Project 2: Wazuh SIEM Lab (Docker, ARM64)

I built a Wazuh SIEM in Docker on my Mac (ARM64), added a Linux endpoint with the agent, and walked through generating real alerts.

Read Lab

Project 1: Raspberry Pi Docker Home Lab

Container-based home lab on Raspberry Pi with Docker and Portainer—a secure, reproducible base for SIEMs, honeypots, IDS, and monitoring.

Read Lab

Featured Cybersecurity Trainings

View all Cybersecurity Trainings →

TryHackMe SOC Level 1 Learning (In Progress)

What I Learned:

Blue Team and SOC fundamentals — SOC structure, analyst roles, internal SOC vs MSSP career paths
Human and system attack vectors — social engineering, phishing, vulnerabilities, misconfigurations, supply chain attacks
SOC alert triage, reporting, workbooks, and metrics — L1 analyst workflows and SOC team performance
EDR fundamentals — visibility, detection, and response capabilities with hands-on lab practice
Phishing analysis — introduction to phishing with SOC simulator

View Full Details

HackTheBox SOC Analyst Course (In Progress)

What I Learned:

Incident handling — key definitions (event, incident, IT security incident), scope, value, prioritization, incident manager role, and resources (e.g. NIST guide)
Cyber Kill Chain — seven stages: Recon (passive/active), Weaponize, Delivery, Exploitation, Installation (droppers, backdoors, rootkits), C2, Action
MITRE ATT&CK — tactics, techniques, sub-techniques; Pyramid of Pain (hash/IP vs TTP-based detections)
The Hive Platform — case management for incident response, linking alerts, mapping to MITRE TTPs
Incident handling process — four stages (Preparation, Detection & Analysis, Containment/Eradication/Recovery, Post-Incident Activity); investigation vs recovery; lessons learned

View Full Details

Skills & Technologies

Certificates

ITIL Foundations V3

CompTIA Network+

CompTIA Security+ Exam date: Feb. 1, 2026

Operating Systems

Windows

MacOS

Linux

Programming

Python

React

JavaScript

React Native

HTML5

CSS3

Software

ServiceNow

Tableau

JIRA

Cognos

VS Code

Power BI

Supabase

Justin Glover

Texas | Contact Me

Areas of Focus

Cybersecurity

AI/ML

Featured Cybersecurity Labs

Project 3: Elastic SIEM Lab – Log Ingestion, Attack Detection, MITRE ATT&CK Mapping, Dashboards

Project 2: Wazuh SIEM Lab (Docker, ARM64)

Project 1: Raspberry Pi Docker Home Lab

Featured Cybersecurity Trainings

TryHackMe SOC Level 1 Learning (In Progress)

HackTheBox SOC Analyst Course (In Progress)

Skills & Technologies

Certificates

Operating Systems

Programming

Software