Xavier Mertens

With a passion for information security, Xavier had the opportunity to steer his career and gained several years of expertise in this field. “I quickly switched to the security field because I like the fact that it’s always changing. New techniques, new threats… we can learn daily. And “security” implies a deep knowledge in IT, from technical stuff to interacting with management.” That is why he focuses mainly on the defensive side of cybersecurity and sometimes on the offensive side.

On the defensive side, he has a strong background in incident management, investigations, malware analysis and threat hunting. On the offensive side, Xavier conducts audits and penetration tests (ethical hacking). His moto is “to better defend yourself, know your enemy”

“There is always something to accomplish in this field”, he says. “One day, I was called by a customer who was infected by a ransomware. He hired me to investigate the infection path, how the malware worked and so on. We were able to make a complete time-line from the phishing email received to up to recovery.”

Besides his daily job as a cybersecurity consultant, Xavier is a SANS Internet Storm Center handler and a SANS Instructor. He maintains his security blog and is involved in many projects and events, always around the information security landscape. He is also co-organizer of the BruCON security conference.

“I attended my first SANS training years ago and discovered what’s behind those 4 letters. I like the way SANS instructors teach. The fact that instructors have also a “business” life is a key point to stay in contact with their fields of experience.” Being part of the SANS Internet Storm Center has been one of the highlights of my career. It is being very gratifying to that after writing about a new technique used by attackers, my publications are cited by many other websites and online resources to help practitioners in the field.”

As a teacher one of Xavier’s goals is for students to learn key techniques to start doing malware analysis. “The idea is to try to explain some very technical topics with real sentences and life-examples. Sometimes, a picture is worth a thousand words. A small diagram and comparison with a real-life example help to understand.”

Besides being a geek that likes electronic toys, he is a drone pilot and enjoys mountain biking every week.

"For many years I've appreciated Xavier's industry contributions through his blog and his participation in the Internet Storm Center. It is wonderful to see him get involved with SANS as a FOR610 instructor as he shared malware analysis expertise with students. As I watched him teach, I could see that the students appreciated his real-world stories and conversational delivery style" Lenny Zeltser

ADDITIONAL CONTRIBUTIONS BY XAVIER MERTENS:

WEBCASTS

SANS@MIC - Remote Forensic Investigations in the Context of COVID-19, August 2020

SANS@MIC- A walk through logs hell, June 2020

SANS @MIC Talk - Self-Compiling Malware, April 2020

In French: Script malicieux et compilation de code source pour contourner les contrôles de sécurité., 2020 décembre

BLOG

You can read Xavier's blog here.

TOOLS

• alerts2afterglow
• hoover
• inotes.py
• know_hosts_bruteforcer
• pastemon
• oplb
• ossec_dashboard
• ossec2dshield
• twittermon
• rhunter
• syslog2loggly