• Home
  • What I Can Help With
  • Resources
  • Contact
  • About
  • More
    • Home
    • What I Can Help With
    • Resources
    • Contact
    • About
  • Home
  • What I Can Help With
  • Resources
  • Contact
  • About

About HammerCrafted Security

Digital cybersecurity concept with a shield, lock, and warning icons.

Hello and Welcome! My name is Bryan Hammer and HammerCrafted Security is a personal space for breaking down real-world detection and investigative security problems as they actually show up in day-to-day work. This site is built around observations, patterns, and lessons learned from hands-on investigations, not theory, vendor promises, or checklist-driven security. The focus is on understanding behavior, surrounding context, and how small signals often point to larger stories when you widen the lens. Here you’ll find thoughts on detection design, identity and authentication analysis, living off the land activity, and SOC investigation lessons. The goal is not to tell people what tool to buy or which security alerts to trust, but to share how security problems look when you’re the one working them and what holds up when the noise gets loud. HammerCrafted Security exists to share what I’ve learned along the way, for defenders who want clearer thinking, analyst skill development, better context, and fewer false assumptions, as well as to help me keep my notes and presentations organized.

#

SOC Resume Review

#

Level up as a SOC Analyst

#

SOC Mock Interview

What I Can Help With

SOC Career Development Services

Practical coaching for aspiring and early-career SOC analysts who want to improve investigation quality, strengthen escalation judgment, and become more effective in security operations roles.

SOC Resume Review

Detailed resume feedback focused on clarity, technical relevance, investigative experience, and how well your background aligns with SOC hiring expectations. 

SOC Interview Preparation

Targeted interview preparation built around the technical scenarios, analytical reasoning, and escalation decisions commonly evaluated in SOC analyst interviews.

SOC Analyst Skill Development

One-on-one guidance focused on alert triage, investigative thinking, and the practical decision-making skills needed to perform effectively in a SOC environment. 

Investigations & Tradecraft

Threat Tradecraft & Abuse Analysis

Voicemail about a legal noncompliance notice from National Process Service.

Social Engineering & Scam Analysis

A real-world, firsthand example of how modern scams utilize AI voice, spoofed numbers, and legal pressure tactics illustrates the importance of analyst skill development. This scenario also highlights the need for security alerts and the valuable SOC investigation lessons that can help individuals recognize the pattern before panic sets in.

Read more about this

HammerCrafted Presentations

The Anatomy of a 4625 Event Code

This presentation breaks down why failed logon events are rarely just failed logons. Using real investigation patterns, it walks through how authentication telemetry is generated, commonly misinterpreted, and how surrounding context reveals intent that single events miss. The focus is on practical analysis, not alert chasing. 


Developed from real world investigations and internal presentations.


Key themes covered:

  • How Windows authentication events are generated
  • Why single 4625 alerts are misleading
  • Correlating surrounding authentication activity
  • Separating user error from systemic or malicious behavior

Security Analyst Training: Enhancing Your Skills for the SOC

FiverrWyzant TutoringLinkedIn Services

Contact HammerCrafted Security

Have questions about SOC career preparation, resume feedback, or analyst skill development? Send a message and I will get back to you.

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

HammerCrafted Security

Follow along for updates, talks, and related insights

Get practical SOC content focused on investigation mindset, analyst development, and real-world alert handling.

Copyright © 2026 HammerCrafted Security - All Rights Reserved.

Powered by

  • What I Can Help With
  • Resources
  • Contact
  • About

This website uses cookies.

We use cookies to analyze website traffic and optimize your website experience. By accepting our use of cookies, your data will be aggregated with all other user data.

Accept