Steven Folek
Pir00t
Senior Principal Security Analyst @ Oracle
Current focus: Threat Hunting & Research | Enterprise Digital Forensics (Cloud & On-Prem) | Malware Analysis & Reverse Engineering
Core areas I work in:
- Enterprise DFIR across Linux, Windows, and Cloud environments
- Threat hunting driven by MITRE ATT&CK mapping and post-incident analysis
- Malware analysis, reverse engineering, and YARA development
- Memory and network forensics
- Detection improvement through structured investigation feedback loops
Python
- Investigation automation
- Standalone forensic and hunting tooling
- Custom security tooling to scale analysis workflows
Previous roles can be found on my LinkedIn.
Earlier in my career I worked on projects such as my 2016 summer internship: Practical side-channel attacks on embedded device cryptography. The presented work and my contribution on key extraction can be viewed on YouTube.
My university placement as a Helpdesk Technician for an MSP built the foundation for everything that followed. Working across diverse client environments strengthened my networking and systems knowledge, and developed my ability to translate complex technical problems into clear, actionable explanations. That experience culminated in acting as IT and networking lead for the Edinburgh International Film Festival.
I obtained a First Class Honours Degree (BEng) in Computer Security and Forensics from Edinburgh Napier University (supervised by the brilliant Bill Buchanan OBE). My honours project focused on the creation of portable Ransomware Analysis and Detection Systems.
Outside of day-to-day work, I’m a strong believer in continuous learning. I regularly engage with various cyber security platforms to stay sharp on reverse engineering, malware labs, and emerging adversary techniques.
I’ve also undertaken industry-recognised tradecraft through SANS training, completing FOR710: Reverse-Engineering Malware: Advanced Code Analysis (challenge coin recipient) and FOR577: Linux Incident Response & Threat Hunting (GLIR certified).
To balance the screen time, I’m usually found practicing DDPY (yoga, pilates, calisthenics). I also dabble in learning Polish and Russian (Duolingo still finds me!).
If you’re interested in DFIR, threat hunting, reverse engineering, or just want to talk shop — feel free to reach out using the links below.