Septembre 2017: Brèches de sécurité 150 150 Jean-Philippe Rivard Lauzier

Septembre 2017: Brèches de sécurité

This post was published when this blog was also in French. This post is available in English. Septembre 2017 a été un mois intéressant pour plusieurs brèches importantes de sécurité. Nous avons tous appris la valeur de nos informations personnelles. À partir de maintenant, je vais publier un billet mensuel au sujet des brèches importantes de sécurité du mois précédent.…

September 2017: Security Breaches 150 150 Jean-Philippe Rivard Lauzier

September 2017: Security Breaches

September 2017 has been an interesting month for many important security breaches. We all learned the value of our personal information. From now, I will publish a monthly post about the major security breaches from the previous month. Equifax Equifax is a consumer credit reporting agency and they had a recurrent unauthorized access to their systems from May 13th to…

Kantoku: Fin du projet et retour possible 150 150 Jean-Philippe Rivard Lauzier

Kantoku: Fin du projet et retour possible

This post was published when this blog was also in French. This post is available in English. Kantoku était une application autohébergée pour les entreprises afin de pouvoir gérer facilement leur gouvernance, risque et conformité TI (GRC). Comme mentionné dans une publication précédente, j’ai développé cette application pendant les premiers mois de 2016. Au début du projet, c’était une solution…

Kantoku: Project Shutdown and Future Comeback 150 150 Jean-Philippe Rivard Lauzier

Kantoku: Project Shutdown and Future Comeback

Kantoku is a self-hosted application for companies to manage their IT governance, risk management and compliance (GRC). As mentioned in a previous post, I developed this application during the first part of 2016. At first, it was a Software-as-a-Service (SaaS) solution with a really nice high availability infrastructure on AWS. However, I had to put aside the infrastructure behind the…

CISSP: Réussi, et une autre étape complétée 150 150 Jean-Philippe Rivard Lauzier

CISSP: Réussi, et une autre étape complétée

This post was published when this blog was also in French. This post is available in English. Terminé. Cet examen de 6 heures avec ses 250 questions est enfin du passé. Eh oui, je parle bien du légendaire CISSP ou l’examen pour le “Certified Information Systems Security Professional” de ISC2. C’est probablement la certification que la plupart des professionnels en sécurité…

CISSP: Passed, and One More Milestone Completed 150 150 Jean-Philippe Rivard Lauzier

CISSP: Passed, and One More Milestone Completed

Done. The 6-hour exam with its 250 questions is finally in the past. Yes, I am talking about the famous CISSP or the “Certified Information Systems Security Professional” exam from ISC2. This is the certification that most information security professionals will try to obtain at one point in their career. Why? For most recruiters and companies that are looking for a…

Pourquoi avoir fait la certification OSCP? 150 150 Jean-Philippe Rivard Lauzier

Pourquoi avoir fait la certification OSCP?

This post was published when this blog was also in French. This post is available in English. Depuis les dernières années, je suis de plus en plus du côté de l’audit TI et de la sécurité de l’information. Du moins, en théorie, j’ai encore plusieurs projets techniques… Toutefois, ça faisait déjà quelque temps que je voulais poursuivre la certification « Offensive…

Why did I do the OSCP certification? 150 150 Jean-Philippe Rivard Lauzier

Why did I do the OSCP certification?

I am more an IT auditor, and on the business side of information security (at least, in theory, I still like doing many technical projects). However, it was still important for me to pursue the Offensive Security Certified Professional (OSCP) certification. At first, I was maybe interested in a career as a penetration tester (pentester) and it was indeed a…

Past 3 years, and a new beginning 150 150 Jean-Philippe Rivard Lauzier

Past 3 years, and a new beginning

It has been a little more than 3 years since I graduated from my bachelor degree. I must admit, it has not been always simple to figure out what I wanted to do. It could have been easier, but overall, I understand now why those different experiences were required for me. Deloitte In 2014, I got my first full-time job related…

CISA exam passed, now the required experience 150 150 Jean-Philippe Rivard Lauzier

CISA exam passed, now the required experience

Update: I published a new post with the most frequently asked questions on this post. Back in the summer 2013, I was interested to pass the CISA exam even if could not obtain the certification without experience. This was a way for me to demonstrate my interest in IT audit to future potential employers. I thought that I could have…