Volunteering efforts

During the last few years I had the opportunity to present and give demos on a regular basis. My expertise is where security, business, software development, and open source software meet.

Below is the list of upcoming talks or ideas. Any of these talks suitable for your conference? contact me. Do you like my presentation(s)? An endorsement of my speaking skills would be appreciated.

  • Django and security?
  • Privacy for non-paranoia people?
  • Securing Linux?

Here is an overview of talks I’ve given in the last couple of years, or are scheduled.

2024

Faster websites with Hugo

Things that I learned while migrating several websites to Hugo, including focus areas.

Oo, maar dat is goed fout

A talk (in Dutch) where we discuss Linux security theses.

2019

Tips to create better* shell scripts

Whether you call yourself a system administrator, developer, or DevOps sprint mediator, life is too short for sloppy shell scripts! In this talk, we look at how to improve them to stand the test of time. Michael will share how to create a good foundation for your scripts, so they run more reliable now and in the future. Your (future) colleagues might love you for it.

Focus areas of this presentation include error handling, security, style, and best practices. Also, it will cover (many) mistakes made by Michael over the last 20 years. Got some of your own? They are welcome as part of the discussion.

* Improved readability, increased fault-tolerance, and more security.

2018

Under the microscope: Linux security tools

Periodic health checks for Linux systems

Michael Boelen presenting at D3NH4CK 2018

Behind the scenes of an open source project

2017

Why simplicity is important

2016

The state of Linux security in 2016

Stories about Linux and what happened in 2016 regarding security.

Getting traction for (your) open source projects

So you got an idea, some code, and now you only need the users and contributors? A good idea is not enough to have a successful project. Open source software projects need also marketing, promotion, and optimization. We will look at the technical and non-technical level on how to enhance OSS projects. This with the goal to get more happy users and gain more traction. I will share from personal experience what works (and what not!), including examples. Subjects include simplicity, the website, dealing with social media, optimize for users and search engines, and the tiny details that matter.

This talk is useful for developers, contributors, and also users of open source software. No programming skills are required.

Relevant article: How to promote your open source project

Michael Boelen at T-DOSE 2016 Lynis demo at Black Hat Europa (London)

  • Date: 2016-11-04
  • Event: Arsenal at Black Hat Europa (London)

A live ongoing demo about how Lynis can help with system hardening, compliance testing, and more. The Arsenal is part of the Black Hat conference and consists of passionate developers who show their open source security tools.

Michael Boelen showing a Lynis demo at the Arsenal of Black Hat conference

Linux Security Workshop

  • Date: 2016-09-29
  • Event: Private session

Linux security workshop by Michael Boelen

Linux Malware

Presentation about the types of malware and the ones affecting Linux systems. We had a look on how rootkits work and some defenses we can apply to increase detection rates.

  • Date: 2016-07-06
  • Event: DBLUG (project 073)
  • PDF: see earlier presentations

Securing Linux Systems with Lynis

Are you really sure the security of your Linux systems is done properly? Since 2002, Michael Boelen performs research in this field. The answer is short: there is too much to possible and to do. For this reason, he created several open source security tools, to help others saving time. We will look into how Lynis can help with technical security scans.

Linux Security Workshop

In this private workshop, 14 students learned about the wide range of possibilities when it comes to Linux security.

Private session

  • Date: 2016-03-29
  • Event: Private session

Dealing with Linux Malware

We often hear that viruses do not affect Linux systems. If it was only true… To understand why there is malware in the first place, we look at the reasons for evildoers to create harmful software. When that is clear, we move on by defining several types of malware, to finally focus on a very particular one, the rootkit. A quick course into the cleverness of rootkits follows, with the related challenges it offers for detection. We close the session by giving tips on detection and prevention.

Linux Hardening

So you think the systems at your employer can actually use a little bit more security? Or what about your own system to gain more privacy? In this talk, we discuss the reasons for Linux server and system hardening. First we learn why we should protect our crown jewels, and what can wrong if we ignore information security. Next is getting a better understanding of the possible resources we can use. And since system hardening can be time-consuming, we discuss some tools to help in the system hardening quest.

How to Deal with a Compromised System?

Presentation of Michael Boelen about handling compromised systemsMalicious software now exists for more than 40 years. Linux is just another platform having to deal with that threat. But the question remains how should we act when we find a backdoor or rootkit on our system. In this talk, the threat and defenses will be explained.

Linux Security, from Concept to Tooling

Linux is considered to be a secure operating system by default. Still there is a lot to learn about system hardening and technical auditing. This 1-hour presentation explains the need for hardening and auditing of your systems. We discussed some additional documents and tools, to further help this endeavor.

Linux Security for Developers

To help developers create more secure software, we have to understand the need first. This introduction talk was 2 hours, with many individual tips to know why security is important, and the possible consequences if we ignore that. We covered specific items to enhance the security posture of our applications. Finally, we finish the presentation by sharing the need for performing regular technical audits.

2015

  • BlackHat USA (Las Vegas) / BlackHat Europe (Amsterdam) – Lynis demo
  • Haagse Hogeschool – Workshop Linux Security
  • NLUUG – From open source to a company (Dutch)
  • Kollab Summit – Workshop Linux Security and Hardening
  • openSUSE Conference – Docker Security: Are your containers tightly secured to the ship?

2014

  • BlackHat Europe (Amsterdam) – Lynis Demo
  • NLUUG – How Many Security Layers Are Enough?
  • NLUUG – Security Auditing and Hardening for Linux
  • Interested in slides? Check out some of the presentations.

Some ideas for future presentations Linux IPv6 security

An introduction into IPv6 with the primary focus on security aspects for Linux systems. Security is hard: tool developers to blame?

Still in 2016, security remains complicated. Why is that and how can we solve it? Showing by example how “simple” tools can still be difficult. There is room to improve. ELF 101

A dive into ELF binaries and files, and how they work on Linux.

My article The 101 of ELF Binaries on Linux: Understanding and Analysis was covered on Reddit, Twitter and other websites.