Jump to: navigation, search


I'm currently working as ICT Security Expert for the International Committee of the Red Cross (ICRC) in Geneva. Before accepting this new challenge, I had the great opportunity to be a Pentester for 2 years in Switzerland. I also worked 5 years for the National Institute of Standards and Technology (NIST) where I was conducting researches on how source code security analyzers react facing a large range of vulnerabilities with different complexities (see Publications section below). I was part o the SAMATE Team where my role consisted of studying tools' strengths and weaknesses in order to help improving the current state of the static code analysis field. I graduated in 2011 from TELECOM Nancy, a leading engineering school at the University of Lorraine in France for a Master's degree in Computer Science with a minor in networking and security.

My areas of expertise are:

+ Penetration Testing & Security Audit
+ Vulnerability Assessment and Research
+ Static and Dynamic Application Security Testing

My personal projects demonstrate my engagement to the IT security world. In that regard I have produced the PHP/C# Vulnerability Test Suite and the A Bug A Week Challenge. My involvement in the IT security community around Geneva and Washington DC is significant. I attend meetings and forums on a regular basis and have also helped organizing the 2015 B-Sides conference in Washington DC.

More information:


_Bertrand STIVALET