What will you investigate today?
- Speaker(s): Xavier Mertens
- Date: Tuesday 9 July 2013
- Time: 10:00
- Duration: 40 minutes
- Location: H 2215
With the continuously growing infrastructure used inside companies, it has become very difficult to extract the right information at the right time in case of a security incident. Even more, it could be a good idea to search for potential issues based on behavioral monitoring. Finally, the Internet offers plenty of free resources that could also be used to increase the value of your own data. My talk reviews some avenues to implement a simple log management infrastructure based on free resources (software & data).
Xavier Mertens is a Security Consultant working for a Belgian telco and has recently started his own company. His job focuses mainly on "security monitoring" solutions such as log management, SIEM and incident management, but also on audits and pentests. Instead of following vendors, he prefers to find the best solutions to solve security issues. One of his preferred tools at the moment is OSSEC. He wrote several blog articles about this software to increase its performance or visibility. In parallel to his daily job, Xavier maintains his security blog (blog.rootshell.be) and offers some spare time and resources to initiatives like BruCON and EuroTrashSecurity.