Francine Solheim is a cybersecurity architect specialising in defensive architecture and weird tooling. She has worked on SOC augmentation, ISO 27001-driven security programmes and experimental monitoring tools, and is currently focused on piecing together enterprise-grade-but-still-open-source SIEM/SOAR solutions and making advanced attacker techniques understandable and reproducible for 'normal' engineering teams.