now browsing by category
The next edition of BruCON is already at our doors! Like the previous edition, TrueSec is helping the conference crew by providing online and technical resources and we have again a free ticket to offer for the two-days conferences (26 & 27 of September in Ghen, Belgium).
To win the ticket, there is a small challenge to solve. Are you interested? It starts with this file: challenge.zip. The first one who solves the challenge will receive a free access to the event which includes:
- 2 days of top-quality international speakers
- The opportunity to meet your peers and make new ones
- Food (breakfast, lunch & dinner)
Note: travel and logding aren’t included.
The 2014 edition of InfoSecurity.be is over. I was invited and received a speaker slot. I talked about one of my favourite topic: log management and SIEM but from another perspective. For a few years, SIEM solutions were pushed in front of the stage! Presented as the “security threats killer”, we must be honest: Still today, it’s very difficult to get the best of such expensive tools! Not that they are bad but they remains “tools”. Creating and maintaining correlation rules or filters is an endless game. Based on my experience, I reviewed the current situation and explained why SIEM solutions failed. The second part focused on ideas to improve the detection of threats inside the organisation.
The slides have been publised on slideshare.net:
You want to discuss about this topic? Feel freel to contact me!
I’m just back from InfoSecurity.nl in Utrecht where I presented an updated version of my talk “What Will You Investigate Today?“. I talked about it for the first time during the RMLL in July in front of a very small audience who gave my ideas and inputs. The slides are available on slideshare.net as usual:
Thank you to VNU Exhivitions for inviting me! If you have log management projects or if you’re looking for advices, feel free to contact me!
Since the first edition (already five years ago!), I participated to the Belgian security conference: BruCON as a member of the crew! Organized by a bunch of super-motivated infosec guys, the conference has now its place amongst the best security events around the world.
We are getting close to the next edition which will be held in Ghent on 26 & 27 September 2013. They are still tickets available but I’ve a good news for you: This year, TrueSec is a (small) sponsor and I got one free ticket. I decided to offer it to one of my readers/contacts but… you have to solve a small challenge first! Tempted? It starts here:
The first one who will solve the challenge will receive a free access ticket for the conference. It includes access to the talks and food coupons for both days (breakfast, lunch and dinner). Good luck!
Note: travel and logding aren’t included.
Since this weekend, Brussels is hosting the 14th edition of the RMLL (“Rencontres Mondiales du Logiciel Libre“) or “Libre Software Meeting” in English. As defined on the website, this is a “non-commercial cycle of conferences, round tables and practical workshops based on libre software and its uses. Its aim is to provide a platform for libre software users, developers and stakeholders“. Check out the schedule to see the large number of fields where libre software can be used. Lot of discussions (non technical) were also sheduled.
Of course, there was technical slots reserved to talk about multiple topics and, amongst them, no surprise: information security. The day started with a presentation from Peter Czanik (Balabit Software – the creator of syslog-ng). He performed a good introduction to log management. This one a perfect introduction to my own talk: “What Will You Investigate Today?“. Once you deployed a log management solution, it’s a good idea to start giving more value to your logs by correlating them with external resources. Here is a copy of my slides:
Last week, I was in Dublin to attend the SOURCE conference. I was invited as a speaker and talked about “Unity Makes Strength“. My presentation was about an overview of the current weaknesses introduced by the multiple security solutions deployed to protect infrastructures. All of them achieve a quite good job but how could we improve the overall knowledge by making them talk to each others? My slides are available on slideshare.net:
Yesterday I attended the (ISC)² event in Amsterdam about mobile devices security. I was invited as a speaker and talked about the mobile apps security. The whole day covered the classic topics around mobile devices.
My slides are available on SlideShare: