
Lars Ursprung
Cyber Security and Software Engineer
Cyber Security Skills
SIEM & Endpoint Detection and Response
A Security Information and Event Management system is a critical component for safeguarding business networks against cyber threats. My background includes over two years of hands-on experience in a Security Operations Center (SOC), where I have built up my skills in using SIEM systems and data analysis tools like Kibana. I have also worked with FireEye EDR and NIDS systems, enhancing my cybersecurity knowledge, including network security, endpoint security, and threat detection. In my home network I run Wazuh as an XDR to secure my servers.
Penetration Testing
During my time at one of Germany's leading banks and one of Europe's largest software companies, I conducted penetration tests for web applications and performed code reviews. This experience provided me with the skills to effectively identify vulnerabilities in both code and system infrastructure.
Cyber Threat Intelligence and Threat Hunting
While working in a Security Operations Center, I used CTI services like Recorded Future and VirusTotal for threat analysis. Currently, I work in a CTI and Threat Hunting team, automating analysis with AI (RAGs and agents) to process large data sets faster. I also develop open-source tools that integrate several CTI services.
Open Source Development

OSINT Toolkit
Self-hostable cyber security platform with many features and useful AI capabilities.
GitHub