THE HUNTER’S LEDGER
Consulting & Advisory
Threat Intelligence That Works for Your Team
An independent practice run alongside active security operations work. Engagements stay selective — quality and fit over volume. If it's a fit, you get the same depth that goes into the research on this site, applied directly to your environment.
Services
Malware Analysis & RE

Full technical breakdown of what a sample actually does — static + dynamic analysis, behavioral mapping, IOC extraction, and detection development. Can extend into campaign investigation or infrastructure pivoting when it adds value.

AI Systems & Workflow Engineering

Design and engineering of AI systems and multi-agent workflows — from architecture to working build. Grounded in hands-on experience building production multi-agent systems (including the pipeline behind this site's research), and applicable well beyond security.

Incident Response Advisory

Remote advisory for teams working through an incident or building out IR capability — scoping, planning, program development, and malware-analysis support. A way to think through what you're seeing alongside an active investigation.

SOC Program Advisory

A sounding board for teams standing up or maturing a SOC — structure, process, tooling, analyst workflows, and detection strategy. Drawing on experience leading threat detection across large enterprise environments.

Detection Engineering Advisory

Targeted review and improvement of detection coverage for a specific threat, technique, or gap — grounded in real malware analysis and attacker tradecraft, scoped to your SIEM or EDR.

Threat Model Review

A focused review of the threats that actually matter to your organization — what to track, what to deprioritize, and where your detection and response gaps are against the most likely threats.

Threat Intelligence Utilization

Operationalize the intelligence your team already has — hunting plans, translating intel into detection logic, and briefings on relevant threats and campaigns.

Training & Knowledge Transfer

Focused sessions for analyst teams — threat hunting, applying malware reports, turning threat intel into detections, or understanding specific threat actors.

Background

SOC Operations Lead at EY with experience leading threat detection and response across large enterprise managed security accounts. GIAC Certified Forensic Analyst (GCFA); SANS FOR508 and FOR608. The research published on this site comes from the same work I do professionally — original malware analysis, hunting, and detection engineering done at depth.

Get in Touch
Start a conversation

A few sentences is plenty — what you're working through, your environment, and whether it feels like a one-time thing or something ongoing. The goal is just to get the conversation started.

intel@the-hunters-ledger.com

I'll respond within a few business days. If the scope needs shaping to get there, that's part of the partnership.