I'm Isaac, a security researcher focused on threat intelligence through proactive sensor deployment and large-scale internet telemetry.
With GreyNoise researcher access, I run geographically distributed sensors that emulate vulnerable systems. This allows me to observe real attacker behavior, separate background noise from targeted activity, and track emerging patterns across the internet.
My goal is to turn raw telemetry into clear, actionable insights about how threats operate in real-world environments.
Built a custom threat intelligence CLI that aggregates data from GreyNoise, AbuseIPDB, VirusTotal, and Shodan into a unified workflow.
The tool normalizes multi-source intelligence, applies scoring logic, and produces clear verdicts to classify IPs as benign, suspicious, or malicious.
Designed to streamline investigations by reducing multi-platform lookups into a single command, with enriched output including detection summaries, certificate inspection, and reputation analysis.
GreyNoise Sensor Operations
Active
Deployed multiple sensors across different geographic regions and providers, each emulating vulnerable systems to capture internet background noise and malicious activity in real time.
Sensor Data Analysis Workflow
Active
Processing telemetry to distinguish opportunistic scanning from targeted attacks, using enrichment from VirusTotal, static analysis, and sandboxing of collected payloads.
Threat Intelligence Contributions
Ongoing
Mapping attack patterns, identifying emerging campaigns, and analyzing geographic differences in scanning and exploitation behavior across the internet.