PocketSOC: Agile Remote Monitoring Center
PocketSOC: Lightweight Remote Monitoring Center

HO Yi Tik
何爾迪

BSc (Hons) ICT

My name is Ho Yi Tik, an ICT graduate from THEi who developed PocketSOC. I excel in engineering teamwork and technical communication. My key skills include Windows Server administration, network management via VirtualBox, programming (Java, C++, Python), basic AI training, data visualization, and managing sensitive database configurations with high integrity.

This project introduces a highly portable, fully functional mobile Security Operations Center (SOC) designed to bridge defensive gaps created by permanent “Work From Anywhere” models. Bypassing expensive, stationary infrastructure, it empowers IT administrators to audit system integrity, monitor device health, and curb security violations on the move. Driven by a centralized PowerShell agent orchestration tool, the platform intercepts raw Windows security event logs in real time, transforming complex data into streamlined, chronological forensic streams. During testing, the architecture achieved exceptional end-to-end alert propagation latencies averaging 180 to 320 milliseconds, delivering rapid, live tracking of critical threat signatures.

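This project presents a highly portable, fully functional mobile Security Operations Center (SOC) that aims to eliminate the remote endpoint protection blind spots brought about by the now-routine “Work From Anywhere” model. The system does away with traditional expensive and bulky fixed hardware architecture, allowing IT administrators to review system integrity, monitor hardware health, and curb ongoing security violations anytime, anywhere. On the Windows host side, a central PowerShell agent is all that is needed to intercept raw Windows security event logs in real time and convert them into intuitive, chronologically ordered forensic data streams. Testing confirmed that the platform's end-to-end alert transmission has an average latency of only 180 to 320 milliseconds, and that it can respond in real time to key threat signatures such as brute-force attacks against Remote Desktop (RDP) and malicious log clearing.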

Tutor: Mr Tang King Fai