Cybersecurity Archives - Tristan Dostaler

Lockbit ransomware – How to recover your data

by Tristan Dostaler | Jul 17, 2022 | Cybersecurity, DFIR, Information Technology, InfoSec, Private Posts

I was recently working on a Lockbit ransomware incident and I was able to recover the data from encrypted VMDK and VHDX files.

How to secure WordPress

by Tristan Dostaler | Jun 4, 2022 | Cybersecurity, Information Technology, InfoSec, Private Posts

In this post, I explain different strategies that can be use to secure WordPress. I cover the basics, the plugins and more.

CIS controls – where to start in securing a medium/big enterprise

by Tristan Dostaler | Jan 4, 2022 | Cybersecurity, Information Technology, InfoSec, Private Posts

It’s hard to decide where to put the efforts to secure this environment. The 18 CIS Controls can help us prioritize our efforts.

The Log4j Vulnerability Explained

by Tristan Dostaler | Dec 23, 2021 | Cybersecurity, Information Technology, InfoSec, InfoSec News, TL;DR;

In this post I explain what is the story around the Log4j vulnerability, named Log4Shell, and why it’s on the news.

Cybersecurity Books and References – A Good InfoSec Reading List

by Tristan Dostaler | Jul 19, 2021 | Coding, Cybersecurity, Information Technology, InfoSec, Software Architecture

I have been asked for a reading list of cybersecurity books. I decided to document this list here so it can be used by a broader public.

Where to start in Cybersecurity for new comers

by Tristan Dostaler | Mar 28, 2021 | Cybersecurity, Information Technology, InfoSec

If you Google “Cybersecurity paths”, “Cybersecurity career” and other similar terms, you’ll find an array of results with all kind of advices all addressed at people already in the field. In this post, I’ll try to explain my take on this subject, but destined for new comers.

The Elasticsearch license saga

by Tristan Dostaler | Feb 9, 2021 | Cybersecurity, Information Technology, InfoSec

As you may know from my posts, I like Elasticsearch. However, Elastic, the Elasticsearch company, recently announced it’s decision to change the license of it’s open-source products. Since then, the community largely reacted to this. Let me explain.

An overview of a good InfoSec Strategy

by Tristan Dostaler | Jan 20, 2021 | Cybersecurity, Information Technology, InfoSec

A friend of mine recently challenged my post SIEM 102 — Detect WordPress bruteforce where he proposed a tool that can effectively bruteforce WordPress from a lot of different IPs. My answer: you need to have a good InfoSec Strategy!

SIEM 102 — Detect WordPress bruteforce

by Tristan Dostaler | Jan 19, 2021 | Cybersecurity, Information Technology, InfoSec, SIEM, SIEM 100 series

WordPress is one of the most popular CMS and website server in the world. It handles “more than 30%” of the websites on the internet. Because of this, bad actors are really interested in finding ways to get control of them. In this post I explain how to detect a WordPress bruteforve.

Zero Trust Architecture – What it is and what I think of it

by Tristan Dostaler | Jan 11, 2021 | Cybersecurity, Information Technology, InfoSec, InfoSec Architecture

A Zero Trust Architecture (ZTA) is an Information Security architecture based on the idea that a network shouldn’t have inherent trust on the internal boundary. This post explain what it is and what I think of it.

« Older Entries

MEGA referal

You can join MEGA, the most secure cloud storage, with this referral link: https://mega.nz/aff=7Y94iYz_csg