date 2021-01-01
-
Coverity
- Security Research Architect
2014 - present
-
Coverity
- Lead Security Researcher
2012 - 2014
I play with toys that I (or SRL) make, or that our R&D builds. Most recently, I have investigated HTML and SQL contexts for security, JavaScript static/dynamic analysis, Java runtime analysis, and developed precise analyses for frameworks.
You can find some of what I do here:
http://security.coverity.com/
I also maintain the Coverity Security Library (lightweight, fast, and precise set of escapers):
https://github.com/coverity/coverity-security-library/
Besides that, I've been making significant improvements to our framework analyzer, hopefully moving to a fully customizable approach.
-
Coverity
- Senior Security Researcher
2011 - 2012
I'm essentially the bridge between application security and program analysis.
Based on our latest press release, I can tell that I prototyped and researched at least the following areas:
- whitebox fuzzing for Java programs: detection of escapers, validators, etc.
- frameworks analysis
- precise analysis for SQLi and XSS using context-aware algorithms (string analysis, parse states)
- actionable remediation and code fix generation: the most precise remediation engine that can compute remediation and code fixes for unbounded (theoretically) scenarios.
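The context-aware SQLi/XSS analysis listed above rests on one idea: the escaper that makes a value safe depends on where in the HTML/JavaScript grammar the value lands, so the analysis has to track parse state rather than just "is it escaped". The block below is an added illustration of that idea and is not Coverity's code or the Coverity Security Library: it scans a template with a deliberately small parse-state tracker, picks the escaper matching the context at each placeholder, and refuses contexts for which no escaper makes arbitrary input safe. The `{{name}}` placeholder syntax, the function names and the four modelled contexts are assumptions of this example; real HTML has more states (comments, `<style>`, unquoted attributes) than are handled here.

```python
"""Context-aware output escaping driven by a small HTML/JS parse-state tracker.
Added example, not Coverity's code. Assumes well-formed HTML with quoted attribute values,
' or " delimited JS string literals inside <script>, no comments or <style>, and a made-up {{name}} syntax."""
import html
import re
from urllib.parse import quote

PLACEHOLDER = re.compile(r"\{\{(\w+)\}\}")
URL_ATTRS = {"href", "src", "action", "formaction"}
TEXT, ATTR, URL_ATTR, JS_STRING = "text", "attr", "url_attr", "js_string"

def escape_url_attr(value):
    """href/src-style attribute: block non-http(s) schemes, then percent- and HTML-encode."""
    probe = re.sub(r"[\x00-\x20]", "", value).lower()  # browsers drop these before reading the scheme
    m = re.match(r"([a-z][a-z0-9+.-]*):", probe)
    if m and m.group(1) not in ("http", "https"):
        return "about:blank"
    return html.escape(quote(value, safe="/:?#&=%+-._~@"), quote=True)

def escape_js_string(value):
    """Quoted JS string literal: \\uXXXX-encode all but ASCII alphanumerics, per UTF-16 unit."""
    def enc(ch):  # astral characters come out as a surrogate pair
        u = ch.encode("utf-16-be")
        return "".join("\\u%02x%02x" % (u[j], u[j + 1]) for j in range(0, len(u), 2))
    return "".join(ch if ch.isascii() and ch.isalnum() else enc(ch) for ch in value)

ESCAPERS = {TEXT: lambda v: html.escape(v, quote=False),  # body text: tag and entity starts
            ATTR: lambda v: html.escape(v, quote=True),   # quoted attribute: also both quote chars
            URL_ATTR: escape_url_attr, JS_STRING: escape_js_string}

def _context(state, attr, quote_ch):
    # Escaping context for a placeholder at this scanner state; None means no escaper makes it safe
    if state == "text":
        return TEXT
    if state == "attr_value" and not (attr.startswith("on") or attr == "style"):
        return URL_ATTR if attr in URL_ATTRS else ATTR
    if state == "script" and quote_ch:
        return JS_STRING
    return None  # unquoted/unknown attribute, event handler, style, or bare script code

def analyze(template):
    """Split a template into ('lit', text) and ('ph', name, context) segments."""
    segments, lit, i = [], [], 0
    state, tag, attr, quote_ch, in_name, new_attr = "text", "", "", None, True, True
    while i < len(template):
        m = PLACEHOLDER.match(template, i)
        if m:
            segments += [("lit", "".join(lit)), ("ph", m.group(1), _context(state, attr, quote_ch))]
            lit, i = [], m.end()
            continue
        if state == "script" and not quote_ch and template[i:i + 9].lower() == "</script>":
            lit.append(template[i:i + 9])
            state, i = "text", i + 9
            continue
        c = template[i]
        lit.append(c)
        i += 1
        closed = "script" if tag == "script" else "text"  # state once '>' ends the current tag
        if state == "text":
            if c == "<":
                state, tag, attr, in_name, new_attr = "tag", "", "", True, True
        elif state == "tag":  # tag name, then attribute names, until '>'
            if c == ">":
                state = closed
            elif c == "=":
                state = "attr_eq"
            elif c.isspace():
                in_name, new_attr = False, True
            elif c != "/":
                if in_name:
                    tag += c.lower()
                else:
                    attr, new_attr = ("" if new_attr else attr) + c.lower(), False
        elif state == "attr_eq":  # just after '=': only a quoted value is accepted
            if c in "\"'":
                state, quote_ch = "attr_value", c
            elif not c.isspace():
                state, new_attr = "tag", True  # unquoted value: tag soup, placeholders in it are refused
        elif state == "attr_value":
            if c == quote_ch:
                state, quote_ch, new_attr = "tag", None, True
        elif state == "script":
            if quote_ch and c == "\\" and i < len(template):  # keep the escaped char in the literal
                lit.append(template[i])
                i += 1
            elif quote_ch and c == quote_ch:
                quote_ch = None
            elif not quote_ch and c in "\"'":
                quote_ch = c
    segments.append(("lit", "".join(lit)))
    return segments

def render(template, values):
    out = []
    for s in analyze(template):
        if s[0] == "ph" and s[2] is None:
            raise ValueError("placeholder %r sits in a context with no safe escaper" % s[1])
        out.append(s[1] if s[0] == "lit" else ESCAPERS[s[2]](values[s[1]]))
    return "".join(out)
```

The refusal path matters as much as the escapers: an unquoted attribute, an `on*` handler, or a placeholder sitting directly in script code has no encoding that makes arbitrary input safe, so `render` rejects the template instead of applying a best-effort escape; that refusal is exactly the kind of finding a context-aware analysis reports.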
-
Cigital
- Senior Security Consultant
2010 - 2011
As a Senior Consultant, Romain led the development of the security assessment lab within Cigital. Now that the assessment lab is operational, Romain provides technical and research leadership to security analysts by taking on the following roles:
- Technical Lead for multiple ongoing assessments. Provide guidance and technical expertise to analysts in the assessment lab.
- Client Coordinator interacting with clients to ensure projects run efficiently and smoothly. Interface between the clients and the assessment lab analysts for project coordination.
- Research Coordinator for all analysts of the lab. Develop and coordinate new research topics and tools such as binary analysis, static analysis tools, and hybrid analysis in the assessment lab. Romain is also a principal contributor to the research within the lab.
Romain worked on projects which cover the entire spectrum of software security testing including:
- Manual penetration testing. Romain has wide experience in penetration testing on different platforms and software. Romain has executed and led penetration tests on thick clients (from games under Windows to anti-virus under Mac OS X), mobile applications (iOS, BlackBerry and Android platforms), web services, and web applications.
- Architecture risk analysis. Romain analyzed solutions including real-time trading systems, cloud-based services, etc.
- Manual and automated code review on small to very large applications. Romain has reviewed source code for Fortune 500 customers, deployed static analysis tools across a nationwide bank network, and provided guidance to development teams on software weaknesses and remediation.
Romain also authored security knowledge standards such as attack patterns (CAPEC), and co-authored the Software Assurance Findings Expression Schema (SAFES).
-
Cigital
- Security consultant
2008 - 2010
From penetration testing (web applications, thick clients, mobile phones applications, etc.), to source code review (automated or manual).
Focus on Cigital's architecture risk analysis process including Threat Modeling and security testing.
Delivered custom training to dev teams focused on using source code analyzers and understanding security issues in the context of their apps.
- architectural risk analysis, threat modeling, code review (security/quality, automated and/or manual)
- penetration testing of: web applications, mobile applications, online games (MMORPG), software, etc.
- data analysis: helping customers understand their data better (descriptive, exploratory, data mining), with a focus on system security and fraud detection
-
National Institute of Standards and Technology
- Computer Scientist
2006 - 2008
Co-organizer & Evaluator of the NIST Static Analysis Tool Exposition 2008 (SATE)
Developed several source code metrics, performed statistical analysis of tool behavior such as "number of findings".
Studied the impact of static analysis tools (source code analysis) such as Coverity, Klocwork K7, Fortify SCA, FindBugs, etc., contributed to the SAMATE Reference Dataset, studied tool behavior on source code variations (creation of the PHP-Ast/Oracle project).
Worked on the evaluation methodologies of Web Application Scanners such as Acunetix WVS, Cenzic Hailstorm, Watchfire AppScan, HP WebInspect, etc. (creation of a proof-of-concept minimum-bar web application scanner/hybrid tool: Grabber).
Development of various websites: SAMATE Reference Dataset, SATE 2008's