Majed Saeed

Projects

Hands-on labs and projects, documented end to end. The featured ones include the full case study — problem, architecture, security considerations, and what I took away.

Case studies

Cloud Misconfiguration Auto-Remediation

An event-driven security platform that continuously detects AWS misconfigurations and auto-remediates them — public S3 buckets, over-permissive IAM policies, open security groups — with SNS alerting and CloudWatch monitoring.

AWS Config, Lambda, EventBridge, SNS, IAM, S3, CloudWatch, Python

EC2 SSH Disaster Recovery

Recovered a locked-out EC2 instance by detaching and remounting the root EBS volume on a rescue instance, repairing SSH configuration, and restoring access with zero data loss.

EC2, EBS, Linux, SSH, Incident Response

Linux Auth Monitoring with Splunk

Engineered a Splunk SIEM lab ingesting Linux auth logs with search queries and alerts to detect SSH brute-force attempts and anomalous login patterns — SOC-style threat detection.

Splunk, SIEM, Linux, Syslog, Log Analysis

Secure AWS VPC with NAT Gateway

Built end-to-end AWS infrastructure with a segmented VPC — public and private subnets, NAT gateway, least-privilege IAM — following Well-Architected best practices.

VPC, NAT Gateway, Subnets, Route Tables, IAM, EC2

More work

Wazuh SIEM — Endpoint Security Monitoring

Deployed Wazuh with an Ubuntu manager and Windows 10 agent for centralized endpoint detection and security event monitoring, including firewall configuration and network troubleshooting.

Wazuh, SIEM, Ubuntu, Windows 10, Firewall, Endpoint Security

Snort IDS — Network Intrusion Detection

Built a Snort IDS lab with custom rules detecting ICMP sweeps and TCP port scans, then analyzed alerts to identify reconnaissance activity.

Snort, IDS, Ubuntu, Kali Linux, Custom Rules, TCP/IP

EC2 Security Hardening

Hardened an Ubuntu EC2 server with UFW firewall and Fail2Ban to reduce exposure and slow automated attacks.

EC2, Ubuntu, UFW, Fail2Ban, SSH