Michiel Lemmens

Michiel has had an interest in security ever since he was a child. “I wondered how game developers enforced their licenses, how hacking worked, but also non-IT security. I bought my first lockpicking kit when I was 13 or 14 years old, as a way of exploring other means of opening a lock besides a key.” He would go on to study Applied Informatics, covering Network Security and Penetration Testing, eventually earning a Master in Commercial Sciences from University of Leuven. He served with the Belgian Federal Justice Department for several years, contributing to a safer and more open society through his role as a Cyber Security Officer. This role enabled his exploration in several cybersecurity fields including engineering, digital forensics, and offensive operations. After 10 years, Michiel was ready for a new challenge and moved into his role on the Offensive Security Team at the Computer Emergency Response Team (CERT-EU) for the European Union.

More About Michiel

Profile

Michiel’s varied background brings a broad perspective when working with entities and organizations with differing needs. “Thinking like a system administrator is a good way of finding misconfigurations, as is thinking like a Blue Teamer when avoiding detection. My professional environments taught me to work within the limitations of the situation we are in. This is particularly the case with offensive operations. The Red Team does not control the environment, the system owner does. It is up to us as a Red Team to be creative within that environment and its limitations.”

Michiel brings this perspective, along with his ability to breakdown complex subjects into easily digestible explanations, to SANS students. He is able to go into the nitty gritty of the material, whilst keeping you focused on the highways and not the byways. In this way, Michiel keeps his students on track, learning the logic behind different techniques, as well as the proper application. On this, he notes, “It's not just a matter of 'how', but more importantly 'why'.” This logical approach is invaluable to security practitioners diving into the lowest level programming language that is still human readable, Assembly, and learning “the coolest field of infosec”, exploit development.

In his free time, Michiel prefers to leave the screen for a bit, opting for outdoor activity, like running, riding his motorcycle, or snowboarding, or some quiet time, reading books.