Xavier Mertens is an independent security consultant. His job focuses mainly on protecting his customer’s resources by applying “offensive” (pentesting) as well as “defensive” security (incident handling, log management, SIEM, security visualisation). Instead of using out of the box solutions from security vendors, he prefers to advice on best ways to solve security issues. One of his preferred tool at the moment is OSSEC, a free log management & HIDS. He wrote several blog articles about this software to increase its performance or visibility. In parallel to his daily job, Xavier maintains his security blog (http://blog.rootshell.be), is a BruCON (http://www.brucon.org) co-organizer and offers some spare time and resources to initiatives like the EuroTrashSecurity (http://www.eurotrashsecurity.eu) podcast.