Sam Stoneley

I’m currently the UK SOC Team Lead at SenseOn, where I manage the UK team and support the global SOC efforts. In this role, I lead critical incident responses, guiding analysts during incidents, and collaborate with customers to resolve cyber security incidents. I also create detailed threat intelligence reports and continuously work to enhance the SenseOn platform by developing new detection rules and automating reporting processes.

A few of my recent blog posts that showcase my work and insights include:

• Fake CAPTCHAs, Real Threats: How Lumma Stealer Tricks Users into Self-Inflicted Malware
• Unmasking Microsoft's Mystery: When Anomalous Scans Are Just Business as Usual
• Unmasking The Activities Of A Low Level Threat Actor Using Njrat

Before joining SenseOn, I worked at the BBC, starting as an Apprentice SOC Analyst and later advancing to a full SOC Analyst. During my time there, I focused on improving security incident response, automating processes with SIEM tools like Splunk, and developing detection rules for more effective threat identification. One of my key accomplishments was reducing investigation times by creating custom dashboards and automating routine tasks. I also helped build and maintain SOC runbooks and managed the full lifecycle of security incidents, from triage to resolution.

When I’m not tackling cyber incidents, I’m constantly learning and improving my skills. I’ve taught myself a range of programming languages, which I use to automate tasks and build tools like my Python-based Discord interaction tool for data extraction. I’m also diving deeper into reverse engineering, looking to apply that knowledge to malware analysis and investigations.