Tristan Dostaler

Hello and welcome to my blog where I talk about my interests and try to provide useful information on multiple subjects in Information Technology, mainly on coding and InfoSec. To know more about me, head over to my post whoami.

Tristan Dostaler

Why I switched from Logz.io to Humio

I recently switched to Humio and transferred all the logs and automations I have. In this post I explain why I did this transfer.

CIS controls – where to start in securing a medium/big enterprise

It’s hard to decide where to put the efforts to secure this environment. The 18 CIS Controls can help us prioritize our efforts.

The Log4j Vulnerability Explained

In this post I explain what is the story around the Log4j vulnerability, named Log4Shell, and why it’s on the news.

Cybersecurity Books and References – A Good InfoSec Reading List

I have been asked for a reading list of cybersecurity books. I decided to document this list here so it can be used by a broader public.

NorthSec 2021 CTF write-up – part 2

If you didn't read it, I wrote a "part 1" which addresses easier challenges: https://www.tristandostaler.com/northsec-ctf-write-up-part-1/This post will be the part 2 of my write ups. Hymn This challenge was interesting for me because of my bias towards challenges of...

NorthSec 2021 CTF write-up – part 1

A first write-up for some NorthSec CTF’s challenges

Why MEGA is my favorite cloud storage provider

In this article I explain why MEGA is my favorite cloud storage provider. The main feature I like: they encrypt everything with your password!

Where to start in Cybersecurity for new comers

If you Google “Cybersecurity paths”, “Cybersecurity career” and other similar terms, you’ll find an array of results with all kind of advices all addressed at people already in the field. In this post, I’ll try to explain my take on this subject, but destined for new comers.

The Elasticsearch license saga

As you may know from my posts, I like Elasticsearch. However, Elastic, the Elasticsearch company, recently announced it’s decision to change the license of it’s open-source products. Since then, the community largely reacted to this. Let me explain.

An overview of a good InfoSec Strategy

A friend of mine recently challenged my post SIEM 102 — Detect WordPress bruteforce where he proposed a tool that can effectively bruteforce WordPress from a lot of different IPs. My answer: you need to have a good InfoSec Strategy!