Kevin Guzman

Cybersecurity & Infrastructure Student focusing on AI, enterprise security architectures, secure operations, and OT environments.

Security Operations: Wazuh SIEM, ELK Stack, Suricata IDS/IPS
Infrastructure Architecture: Enterprise SAN, Identity & Access Management (Keycloak/OPA)
Network Engineering: pfSense, Fortinet, IEC 62443 Segmentation
Offensive Security: Penetration Testing, Vulnerability Assessment, Threat Modeling

Semester Portfolio

Semester 7 | Current

Automated Threat Defense & CyDes Lab

Leading the "Power2Power CyDES" initiative while researching AI-driven defensive automation for Purple Team environments.

Group Leadership: Power2Power

  • Acting as Group Leader for a collaboration with Power To Power on distributed energy system security.
  • Designing CRA-compliant network architectures for cyber-physical systems involving PLCs and Digital Twins.
  • Implementing IEC 62443 standard zones and conduits in complex Netlab environments.

Personal Research: AI-Driven Defense

  • Developed an automated defense script utilizing Gemma 4B and Gemini-CLI for real-time SSH log analysis.
  • Integrating active deception (Canary Tokens) with endpoint forensics (Velociraptor/Sysmon).
  • Built a 64GB RAM virtualized homelab for high-fidelity security validation and incident response testing.

Semester 6

IAM Dataspaces & SAN Architecture

Implementing ODRL-based authorization visualizers and transitioning from local storage to enterprise SAN architectures.

IAM Building Blocks (Smart City)

  • Integrated IAM components into a dataspace for the "Eindhoven Verlicht" initiative.
  • Developed the ODRL Authorization Visualizer using a microservice stack: APISIX, OPA (Rego), and Keycloak.
  • Successfully orchestrated end-to-end JWT token validation and dynamic policy enforcement.

SAN Evolution

  • Built a Storage Area Network (SAN) prototype using consumer-grade hardware and iSCSI protocols.
  • Conducted performance gap analysis between NAS and SAN, focusing on latency and virtualization workloads.
  • Applied TOGAF Phase A and ArchiMate modeling to align technical setup with business continuity requirements.

Semester 5 | Internship

Enterprise Infrastructure Modernization

Internship at Bufab Flos: Redesigning corporate networks for automation and ISO 27001 compliance.

Bufab Flos Modernization

  • Responsible for redesigning and implementing network segments to support a new Warehouse Management System.
  • Prepared infrastructure for ISO 27001 compliance through strict VLAN segmentation and firewall hardening.
  • Executed Fortinet Firewall configurations, server consolidation, and Wi-Fi frequency analysis.
  • Coordinated technical requirements with stakeholders to ensure zero downtime during the migration.

Semester 4

Professional Pentesting & IDS

Conducting penetration tests for Germany-based clusters and implementing Suricata for network-wide detection.

Pentest: EHV-A Project

  • Conducted intelligence gathering (OSINT) and reconnaissance for a virtualized environment hosted on Azure/Kubernetes.
  • Identified outdated webserver versions and misconfigured certificates as primary entry vectors.
  • Navigated complex legal and scoping constraints within a professional pentesting contract.

Network Defense

  • Implemented Suricata IDS for network-based intrusion detection.
  • Developed "Body of Knowledge" documentation on Wi-Fi cracking vectors and defensive countermeasures.