Fancy About

Daniel B. Cid is the lead developer/founder of the open source OSSEC HIDS and the CTO of Sucuri. His interests range from intrusion detection, log analysis (log-based intrusion detection), web-based malware research and secure development.

He is an active member of the open source community, specially known for creating the OSSEC HIDS (Intrusion detection system). He is also the co-writer of the Host-Based Intrusion Detection book.

In the past, he worked at Trend Micro, Q1 Labs, Sourcefire and on his own ventures.

On June 2008, he sold his open source project OSSEC to Trend Micro/Third Brigade, and joined the company as the lead of OSSEC development.

I am Social

Wel, not really. But I am on Twitter (@danielcid) and on Linkedin.

I used to blog here: http://dcid.me/blog/ (most OSSEC-related), but I am sharing my latest thoughts on here: http://dcid.me/notes/ and on the Sucuri blog: http://blog.sucuri.net/author/dcid

You can also reach me via email: dcid@dcid.me

Book and OSSEC

My OSSEC book is available on Amazon: http://www.amazon.com/OSSEC-Host-Based-Intrusion-Detection-Guide/dp/159749240X

And you can follow the OSSEC development via my bitbucket repository: http://bitbucket.org/dcid/

Interviews and Papers

Some interviews with me:

• 2012, Use This - The Setup - Daniel Cid
• 2010, Network World – Being acquired is the best thing for a FOSS project
• 2009, Net Security – OSSEC, the open source host-based intrusion detection system
• 2009, Linux Magazine – Commercial open source (hobby seguro) - Portuguese

Conferences and papers

• 2011 – Quebec, QC - OSSEC Workshop on Hackfest
• 2010 – SANS, DC – SANS log management and incident response summit
• 2009 – Ottsec, Canada – OSSEC HIDS for Ottsec
• 2008 – PST Canada – Open Source Host-based Intrusion Detection with OSSEC
• 2007 – PST, Canada – Enterprise Log Management with Q1 Labs QRadar and OSSEC
• 2007 – AusCERT, Australia – Log-Based intrusion detection
• 2007 – CONFidence, Poland – Log-Based intrusion detection

Proud moments

• 2012 - All the recommendations from Sucuri customers
• 2012 - Too many proud moments from Sucuri (in the media)
• 2011 - OSSEC voted #2 best IDS tool by the sectools.org survey (again)
• 2010 – OSSEC Award Daemon
• 2009 – OSSEC book as Best Book Bejtlich Read in 2008
• 2007 – OSSEC was chosen #1 open source security tools in the enterprise by LinuxWorld
• 2006 – OSSEC voted #2 best IDS tool by the sectools.org survey

Mentions

• 2013, CIO - Web Server Hackers Install Rogue Apache Modules and SSH Backdoors, Researchers Say
• 2012, Information Week - Apache Server Setting Mistakes Can Aid Hackers
• 2012, InfoWorld - Many Apache Web servers put popular websites at risk
• 2012, ArsTechnica - Misconfigured Apache sites expose user passwords
• 2012, Yahoo - AlienVault Launches Technical Advisory Board
• 2012, PC World – PHP patches actively exploited CGI vulnerability
• 2012, SC Mag – 50,000 sites compromised in sustained attack
• 2012, Krebs on security – Plesk 0Day For Sale As Thousands of Sites Hacked
• 2012, TechCrunch – Yahoo Confirms, Apologizes For The Email Hack, Says Still Fixing
• 2010, Network World – Being acquired is the best thing for a FOSS project
• 2009, Net Security – OSSEC, the open source host-based intrusion detection system

Pics

Some public pictures of me. More here: http://dcid.me/pics.html