When Prevention Fails: Extending IR and Digital Forensics to the Corporate Network (slides from SANS Boston 2011)
The slides from my @night talk at SANS Boston 2011 are available for download now: When Prevention Fails, Extending IR and Digital Forensics Capabilities to the Corporate Network (PDF – 6,2 MB). Thanks to Barbara Basalguete, Stephen Northcutt and the rest of the SANS crew for the opportunity to participate in such a great event, as well [...]
I can’t think of any better place to be in May than… Berlin!! So all packet-ninjas looking to improve their TCP/IP and traffic analysis skills are welcome to join us in the first ever Community SANS Berlin for the SECURITY 503: Intrusion Detection In-Depth track. A full description of the event can be found here: [...]
Mac OS Forensics How-To: Simple RAM Acquisition and Analysis with Mac Memory Reader (Part 1) – update (and Part 2)
Part 1 of my post on Mac OS X memory acquisition and analysis has been posted at the SANS Forensics Blog. I’ll try to publish Part 2 early next week. Stay tuned!
I’m glad to announce that I will be teaching Community SANS Security 503: Intrusion Detection In-Depth at Banbury, Oxfordshire (UK). This 6-day course will run from Monday, February 15, 2010 through Saturday, February 20, 2010.
That’s been what I call my ‘SANS itinerary’ since I started this exciting journey back in June 2007. It all started at SANS Secure Europe, in Brussels, where I took my first SANS class with Jess Garcia, CEO of One eSecurity and a good friend of mine. It was SECURITY 508, System Forensics, Investigation & Response, an awesome track created by Rob Lee on one of the most interesting and hot topics of Information Security. It’s been almost two years since then, but now I realize that event had a tremendous positive influence on my career as a security professional.
After a week of ISO 27001 auditing in the UK and a busy week afterwards, I finally managed to get some time to read my favourite blogs. I was doing so, when I read an interesting post in the Internet Storm Center that analyses some lessons learnt from a severe incident affecting The Planet, a well-known hosting provider. Being a BSi [...]
I was discussing with a friend a few weeks ago how challenging it is to teach folks that come in from the exclusive Windows-world on advanced Unix topics. Yes, I mean the kind of user that ends up rebooting a Unix box after changing a conf file instead of just restarting the appropriate services. I’m [...]
Yes! I’m just writing my first post from the Apple Store at Regent Street (London) to let you know that I’ve just passed my SANS GCIA exam. Indeed, I know it could have been better (scored 89%) and that I scored even more on my first GIAC exam (GCFA -Forensics Analyst- that I took on [...]