Christophe Brocas. Homepage.
Welcome to my little portion of the Internet :)

Shortly, we can say that :

  • On work days: I am a Security engineer for the Security department of the French public Health insurance.
  • On spare time:
    • Pass the SALT: creation+organization+curation with friends of Pass the SALT, a conference dedicated to Security and Free Software (2018->now).
      More info below (projects section).
    • member of the Program committee of this Security conference (2016->now).
    • (past) Botconf: member of the organization team for the 2019 edition, acting as the local host and onsite manpower during the event.
    • (past) RMLL Security track: we curated with friends for 10 years (2008-2017) the Security track of the RMLL, a french FLOSS conference (our last edition | archives).
  • Apart from that, I like living with longboard skates (failure on that point), waves, cats and unicorns around me.

> , , , and .

  • Toulouse hacking Convention 2019 - "Certificate Transparency & threats detection, 24 months later"
    > Given by: /me. Authors: /me, Thomas Damonneville.
    > Resources (en): conference website, slides; Resources (fr): video.
  • Hack-it-n 2018bis - "CertStreamMonitor : utiliser Certificate Transparency pour améliorer sa détection de menaces"
    EN: "CertStreamMonitor: use Certificate Transparency to improve your threats detection"
    > Given by: /me. Authors: /me, Thomas Damonneville.
    > Resources (fr): conference website; (en): slides.
  • SSTIC 2018 -"Certificate Transparency ou comment un nouveau standard peut vous aider à améliorer votre veille sur les menaces"
    EN: "Certificate Transparency when a new standard may improve your threats monitoring"
    > Authors: /me, Thomas Damonneville.
    > Ressources (fr): slides, paper, video; (en): slides, code and README on Github.

\    /\
 )  ( ')
(  /  )
  • "Security.txt implementation @ Assurance Maladie"
    > Author: /me for the team.
    > Ressources (en): blogpost on the Assurance Maladie Security team blog.
  • "Certificate Transparency ou comment un nouveau standard peut vous aider à améliorer votre veille sur les menaces"
    > Authors: /me, Thomas Damonneville.
    > Ressources (fr): paper submitted to 2018 SSTIC security conference.
  • [Linux Pratique] more then 20 articles written in French for Linux Pratique magazine to expose and explain in detail security topics like encryption, self hosting, secure web development or TLS for novice to medium technical level readers. Started in may 2015 and still going on.
    > See announcements (fr).
  • [MISC magazine]"Reverse proxy Apache 2.2 ou l’intérêt d’un équipement en coupure"
  • [MISC magazine]"Mon serveur DNS, mon IDS oublié"
    > See article (fr).
  • [MISC magazine]"De la sécurité d'une architecture DNS d'entreprise"
    > Authors: Jean-Michel Farin, /me.
    > See article (fr).
Blog Blog website | Note: after a server crash, only a small subset of the original posts restored ;-)

  • [software] CertStreamMonitor
    Use Certificate Transparency to:
    • monitor certificates signed for specific domain strings,
    • store hostnames found that way into a sqlite3 database,
    • alert you when corresponding web sites come online.
    > Developed at work by Thomas Damonneville and /me.
    > Code available under #GPLv3 on Github. #BlueTeam #Python

  • [conference] Pass the SALT, Security And Libre Talks.
    Established in 2018, Pass the SALT is a conference dedicated to Free Software and Security.
    • Free entrance.
    • Fully in English.
    • Held in Lille, North of France.
    • 2019 figures: 26 talks, 9 workshops, 240 registered attendees.
    > core team: Mathieu Blanc, Cédric Foll, Philippe Teuwen and /me.
    > ressources: archives | history | speakers & achievements.
 (. .)
  =w= (\
 / ^ \//
(|| ||)
,""_""_ .