About me

Who I am, what I research, and what you’ll find here.

Hey — I’m Herni

I’m a cybersecurity analyst based in Buenos Aires, Argentina, with experience in SOC environments and enterprise security operations. I’m particularly interested in the intersection between malware analysis, reversing, and practical detection engineering — the “reverse → detect” loop.

What I do (day-to-day)

• SOC / Incident response: monitoring, triage, containment, and reporting in a global environment using EDR/XDR, SIEM, and cloud-native tooling.
• Security ops & hardening: improving endpoint and cloud security posture with pragmatic, repeatable improvements.
• Clear documentation: I like turning messy incidents and research notes into structured write-ups.

What you’ll find on this blog

For now, I’m keeping it simple:

• Windows API notes (3 per week): short write-ups to learn what common APIs do and where they show up.
• PMRP notes (TCM): occasional study notes from the course.

Background & certifications

• SOC Analyst — incident detection, triage, and response.
  
• Former Technical Assistance for enterprise cybersecurity solutions.
  
• Certifications: eJPTv2, Blue Team Level 1, AWS Cloud Practitioner
  
• Currently: Practical Malware Analysis & Triage (TCM) — in progress
  

Contact / feedback

If you spot an error, have a better approach, or just want to discuss a topic, feedback (positive or negative) is always welcome.

• Email: hernanargibay@proton.me