Nicolas Southern
Nicolas Southern
← Back to Cyber

In-House Tool

Lockhaven

A WireGuard-backed secure access control plane for enrolling remote devices, managing infrastructure inventory, orchestrating private service sessions, and administering distributed systems without exposing internal services to the public internet.

Overview

Lockhaven replaces direct exposure of internal services with controlled private access patterns. It combines secure remote access, infrastructure inventory, and centralized security monitoring for distributed environments.

Highlights

Built a WireGuard-backed secure access control plane for remote device enrollment and infrastructure inventory.

Designed security architecture around private networking, role-based access control, auditability, and service health monitoring.

Reduced external attack surface by replacing direct exposure of internal services with controlled private access patterns.

Architected and deployed an open-source SIEM and SOC operations platform for distributed electronic pull-tab gaming systems.

Centralized Sysmon telemetry, Windows Event Logs, authentication activity, application logs, and Defender events into an OpenSearch/ELK-style monitoring environment.

Capabilities

Secure Access Control

WireGuard-backed device enrollment, role-based access control, and authenticated service sessions for remote administration.

Reduced Attack Surface

Internal services stay off the public internet while remaining accessible through controlled private networking patterns.

SIEM & SOC Operations

Centralized telemetry from Sysmon, Windows Event Logs, authentication activity, application logs, and Defender events in an OpenSearch/ELK-style environment.

Tech Stack

WireGuard
OpenSearch
Sysmon
Terraform
Infrastructure as Code
SIEM