Skip to content
View christian-taillon's full-sized avatar
β˜•
{"input":"coffe","output":"solutions"}
β˜•
{"input":"coffe","output":"solutions"}

Organizations

@Arizona-Cyber-Threat-Response-Alliance

Block or report christian-taillon

Block user

Prevent this user from interacting with your repositories and sending you notifications. Learn more about blocking users.

You must be logged in to block users.

Please don't include any personal information such as legal names or email addresses. Maximum 100 characters, markdown supported. This note will be visible to only you.
Report abuse

Contact GitHub support about this user’s behavior. Learn more about reporting abuse.

Report abuse
christian-taillon/README.md
layout title permalink
page
About
/about/

Hello world! 😁

My name is Christian Taillon

I am a Christian, a husband to a wonderful wife, a Cyber Security Practitioner, and a very novice developer.

In my day job, I contribute to Grand Canyon Education's IT Security team as a Threat Response Engineer. My efforts focus on improving the Security team's operational tools and capabilities to efficiently detect and effectively respond to threats. This is done primarily through work relating to SIEM, EDR, NTA, and an evolving Threat Intelligence program.

I would love to spend most of my days working out of vim or atom, a few SSH sessions, and a web browser and build cool dashboards, searches, and tools in Splunk. However, my day job involves supporting a fantastic SOC in both solutions and operations, so I don't always get what I want. πŸ˜‰ When not helping lead response for escalated incidents, I find myself deploying or improving various security detection, monitoring, and response controls or leading development toward a mature COTH program.

Once the workday is over and scattered in between, I enjoy contributing to the Threat Intelligence community via research and TI Content Development. I love to mess around in the fun world of DevOps and Red Team Automation in my home lab. Excited about the role of DevSecOps. While I spend most of my time in Ops, I am working to improve myself as a developer to actualize ideas and contribute to others fighting cyber-criminals.

When AFK, I try to get out and hike, kayak, or explore God's green earth in some capacity with my best friend and biggest supporter, my amazing and wonderful wife.

Current Roles

In Cybersecurity, we don't have the luxury of time. Our work demands persistence, proactivity, and collaboration. I believe that you don't need to work at the same company to be on the same team.

Grand Canyon Education
My day job is as a Threat Response Engineer working out of the Phoenix, Arizona area. I was also responsible for developing a Threat Intelligence and now Threat Hunting program. In this role, I am also responsible for handling most of our Cyber Forensic Analysis.

Arizona Cyber Threat Response Alliance
I am also a Global Watch Center Handler and Core Contributor for ACTRA. I also lead our Threat Intelligence Exchanges, help develop tools for our operations, and I am an instructor at ACTRA's Academy.

Cyber Resiliency Institute
And finally, I recently joined the CRI as a Solutions Architect. Additionally, on the CRI's Sports-ISAO program, I am a Cyber Observable Threat Hunting Team member. We recently supported the Threat Intelligence operations of the Tokyo Olympics.

readme-stats

Azure

christian-taillon


trophy


βš’ Favorite Tools:

Atom Visual Studio Vim
Splunk Enterprise Kali ELK
Trello Slack
IBM Threat Exchange VirusTotal
Docker

πŸ’Ύ Code Control:

Git

GitHub

DevOps

πŸ“„ Favorite Languages:

Splunk Python Bash
PHP PowerShell

πŸ’» Favorite OS Flavors:

Debian Android Arch

☁ Cloud Experience:

DigitalOcean Azure AWS

β€πŸ–ΌοΈ Topics I Can Readily Present On

Hunting CTIHunting Hunting
SupplyChain Forensics MallardSpider: QakBot ModernSoc
Hunting

🧰 Workshops I Run

SplunkDashboarding Git4Ops
RPi-MineCraft SplunkDashboarding


Find me on

Github Medium LinkedIn VirusTotal IBM twitter OTX

Code Time

Lines of code

🐱 My GitHub Data

πŸ“¦ 206.6 kB Used in GitHub's Storage

🚫 Not Opted to Hire

πŸ“œ 55 Public Repositories

πŸ”‘ 11 Private Repositories

I'm an Early 🐀

🌞 Morning                263 commits         β–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘   24.37 % 
πŸŒ† Daytime                455 commits         β–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘   42.17 % 
πŸŒƒ Evening                321 commits         β–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘   29.75 % 
πŸŒ™ Night                  40 commits          β–ˆβ–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘   03.71 % 

πŸ“… I'm Most Productive on Monday

Monday                   277 commits         β–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘   25.67 % 
Tuesday                  156 commits         β–ˆβ–ˆβ–ˆβ–ˆβ–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘   14.46 % 
Wednesday                148 commits         β–ˆβ–ˆβ–ˆβ–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘   13.72 % 
Thursday                 196 commits         β–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘   18.16 % 
Friday                   208 commits         β–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘   19.28 % 
Saturday                 56 commits          β–ˆβ–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘   05.19 % 
Sunday                   38 commits          β–ˆβ–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘   03.52 % 

πŸ“Š This Week I Spent My Time On

πŸ•‘οΈŽ Time Zone: America/Phoenix

πŸ’¬ Programming Languages: 
Python                   50 mins             β–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–‘β–‘β–‘β–‘   85.01 % 
sh                       7 mins              β–ˆβ–ˆβ–ˆβ–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘   12.92 % 
Git Config               1 min               β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘   01.77 % 
Other                    0 secs              β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘   00.28 % 
Crontab                  0 secs              β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘   00.02 % 

πŸ”₯ Editors: 
VS Code                  51 mins             β–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–‘β–‘β–‘   87.05 % 
Zsh                      7 mins              β–ˆβ–ˆβ–ˆβ–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘   12.92 % 
Vim                      0 secs              β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘   00.02 % 

πŸ’» Operating System: 
Linux                    59 mins             β–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆ   100.00 % 

I Mostly Code in Python

Python                   13 repos            β–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘   40.62 % 
JavaScript               3 repos             β–ˆβ–ˆβ–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘   09.38 % 
C#                       1 repo              β–ˆβ–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘   03.12 % 
Java                     1 repo              β–ˆβ–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘   03.12 % 
PowerShell               1 repo              β–ˆβ–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘   03.12 % 

Timeline

Lines of Code chart

Last Updated on 13/04/2024 20:32:31 UTC

Pinned Loading

  1. openai-cl openai-cl Public

    Command Line tool for OpenAI's ChatGPT service

    Python 4

  2. splunk-spl splunk-spl Public

    SPL cheatsheet for Splunk.

    Python 20 5

  3. sunburst-hunting sunburst-hunting Public

    Meant to aid other responders; indicators and hunting techniques to identify SUNBURST compromise and establish scope and summarized analysis and links to additional resources.

    3

  4. log4shell-hunting log4shell-hunting Public

    This repo exists to aid hunters in discovering and investigating log4j attacks against their organization.

    Shell 4

  5. splunk-docker splunk-docker Public

    Repository for splunk-docker deployment. Portainer users can simply use this git repository for a new stack.

    Shell 1 1

  6. Search to look for Follina Adversary... Search to look for Follina Adversary activity. Written in SPL for Crowdstrike data; however, content can support queries in other products.
    1
    ((((ParentBaseFileName IN ("*WINWORD.EXE" ,
    2
                               "*EXCEL.EXE" ,
    3
                               "*POWERPNT.EXE" ,
    4
                               "*MSPUB.EXE" ,
    5
                               "*VISIO.EXE" ,