Unix Command-Line Kung Fu
I was discussing with a friend a few weeks ago how challenging it is to teach folks that come in from the exclusive Windows-world on advanced Unix topics. Yes, I mean the kind of user that ends up...
Lessons learnt from a severe security incident
After a week of ISO 27001 auditing in the UK and a busy week afterwards, I finally managed to get some time to read my favourite blogs. I was doing so, when I read an interesting post in the Internet...
From Brussels to Amsterdam calling at London and Sydney
That’s been what I call my ‘SANS itinerary’ since I started this exciting journey back in June 2007. It all started at SANS Secure Europe, in Brussels, where I took my first SANS class with Jess...
Teaching Community SANS Security 503: Intrusion Detection In-Depth
I’m glad to announce that I will be teaching Community SANS Security 503: Intrusion Detection In-Depth at Banbury, Oxfordshire (UK). This 6-day course will run from Monday, February 15, 2010 through...
Mac OS Forensics How-To: Simple RAM Acquisition and Analysis with Mac Memory...
Part 1 of my post on Mac OS X memory acquisition and analysis has been posted at the SANS Forensics Blog. I’ll try to publish Part 2 early next week. Stay tuned!...
Community SANS and SEC 503 comes to Berlin! 16-21 May
I can’t think of any better place to be in May than… Berlin!! So all packet-ninjas looking to improve their TCP/IP and traffic analysis skills are welcome to join us in the first ever Community SANS...
When Prevention Fails: Extending IR and Digital Forensics to the Corporate...
The slides from my @night talk at SANS Boston 2011 are available for download now: When Prevention Fails, Extending IR and Digital Forensics Capabilities to the Corporate Network (PDF – 6,2 MB)...
Latest presos and blog posts: Malware traffic analysis with “Bro” and...
I don’t have to tell you how quickly life goes by. But I’m just amazed at the fact that it’s been more than 2 years without writing an entry in my blog! Not that I haven’t done anything interesting...
Intelligence Driven Defense: Successfully Embedding Cyber Threat Intel in...
“I thought all I had to do was show the data and people would understand. It doesn’t work. You have to tell a story” – Cliff Stoll. Easier said than done, right? Being able to tell a compelling story...
Do you want to learn how to ‘Blue Team’? Start with “Time Based Security”.
Also available on LinkedIn “We’ve been looking at security the wrong way […] Fortress Mentality insists that building tall electronic walls is how to keep the bad guys out. That method hasn’t worked...