Compass Security Blog

Offensive Defense

Page 2 of 2

ASFWS – Bee Ware WAF

Slides available on This talk from Matthieu Estrade (CTO of Bee Ware), entitled officially “Sécurité des application web, analyse technique versus analyse contextuelle” was in fact a kind of sales pitch for Bee Ware, a special kind of Web Application Firewall (WAF). Compass Security has an extensive knowledge about leading WAF products in the […]

Continue reading


Slides available on Alok Menghragani already presented the initial keynote of the conference. This time, he presented us a personal project, not linked in any ways to his current employer. Started in 2008, OPA is an open-source framework designed for being used by companies. Instead of having to learn different technologies for different platforms, […]

Continue reading

ASFWS – Mimikatz

Slides available on Benjamin Delpy, aka GentilKiwi, presented us the sekurLSA and crypto part of his trendy and increasingly famous tool called Mimikatz. If you haven’t heard of it yet, I’m convinced that once you read this article and the slides, you’ll certainly want to try out this great tool immediately on a Windows […]

Continue reading

ASFWS – Obfuscator, ou comment durcir un code source ou un binaire contre le reverse-engineering

Slides available on Both presenters, Pascal Junod and Jean-Roland Schuler work for the HES-SO – the University of Applied Science Western Switzerland. This talk is the follow-up of last year’s presentation, including the improvements done since. While Pascal Junod, from the HES-SO HEIVd (Yverdon-les-Bains) focused on obfuscating binaries based on their source code, Jean-Roland […]

Continue reading

ASFWS – Keynote 1 – Gestion opérationnelle de la sécurité logicielle sur la plateforme Facebook

Slides available on Alok Menghragani graduated in Lausanne with a Master at the EPFL before joining Facebook in 2008, which was back then still a young startup with “only” 100 millions users. He gave us an interesting insight in how Facebook manages over 10 millions of lines of code while keeping “move fast and […]

Continue reading

Day 1 of ASFWS – Introduction

Wednesday 7th of November started early for me as I had to take the train at 6am in Zürich to be in time in Yverdon-les-Bains for the beginning of Application Security Forum – Western Switzerland 2012. This annual security conference, regrouping all actors of the French part of Switzerland during 2 days, invited me to […]

Continue reading

Newer posts »