BLACK HOODIE LABS

// security research & infrastructure

Cybersecurity operations, cloud infrastructure, and security engineering — built from hands-on experience defending real environments.

Core Services

From security operations to infrastructure architecture, we provide hands-on technical expertise across the defensive security spectrum.

Security Operations

Threat detection, incident response, and continuous monitoring using Microsoft Defender, Sentinel, and custom detection engineering. Real-time defense for real-world threats.

Cloud & Azure Security

Multi-tenant Azure architecture, Entra ID hardening, conditional access policies, and Key Vault management. Secure cloud environments from the ground up.

Network Security

Palo Alto firewall configuration, network segmentation, VPN architecture, and traffic analysis. Defense-in-depth at the perimeter and beyond.

Infrastructure & Automation

Docker containerization, CI/CD pipelines, self-hosted services, and infrastructure-as-code. Scalable, repeatable, and secure by default.

Risk & Compliance

GRC framework implementation, risk acceptance tracking, security policy development, and audit preparation. Aligning security with business objectives.

Lab & Research

Threat intelligence (OpenCTI, MITRE ATT&CK), local AI/RAG systems, security tool evaluation, and proof-of-concept development in our dedicated lab environment.

IT/Cybersecurity Consulting

Strategic advisory services for organizations looking to mature their security posture. Technology roadmaps, architecture reviews, vendor assessments, and hands-on guidance tailored to your business needs and budget.

About Us

Black Hoodie Labs operates at the intersection of cybersecurity, cloud infrastructure, and hands-on engineering. We're not a slide deck shop — we build, configure, deploy, and defend actual systems.

Our expertise spans the full defensive stack: from endpoint security with Microsoft Defender for Endpoint to network perimeter defense with Palo Alto, from Azure cloud architecture to containerized service deployments.

Backed by a fully operational home lab running containerized threat intelligence platforms, SIEM/SOAR tooling, and AI research systems, we continuously test, validate, and refine our approaches before they ever touch a production environment.

24/7 Monitoring
Azure Multi-Tenant
Docker First
Lab Validated

Tools & Technologies

The platforms and tools we work with daily to defend, build, and automate.

Microsoft Defender, Azure / Entra ID, Palo Alto, Sentinel, Docker, Kubernetes, Django, PostgreSQL, n8n, Cloudflare, OpenCTI, MITRE ATT&CK, Elasticsearch, Kibana, Ollama, MongoDB, Rocky Linux, Ubuntu, Git / CI-CD, Python, Key Vault, MinIO

Contact Us

Interested in working together or have a security question? Reach out — we're always happy to talk shop.

→ [email protected]
→ github.com/blackhoodielabs