Boštjan Žvanut

Cybersecurity Analyst

Before Boštjan joined NIL in 2017 as a Cyber Security Analyst in the security operations center (SOC), he worked in software development. Since then he has gained a lot of practical experience with internal SOC processes, incident response and security engineering. He is mainly responsible for security automation and orchestration tools (SAO) and vulnerabilities analysis. His software development skills allowed him to develop custom scripts that is needed in playbooks which is the main component of incident response process. Now his work includes: system compromise detection, SIEM tuning, security event triage and investigation, IR processes definition, threat hunting, and security policy consultation. Currently, he focuses on EDR solutions and is the incident response lead.