Cedric COCHIN Education Experience - Cedri.cc - Cedric Cochin

'Preparatory Classes' focused on strong fundamental background ... policy. Researches and analyses based on network security concepts to define a “white book” for the ... Information Technology & Network Security Teacher (EFREI).
Télécharger le PDF
99KB taille 69 téléchargements 398 vues
commentaire
Report
Cedric COCHIN [email protected] Phone: -- not available online--

-- not available online -Portland Oregon USA

Education September 2001 September 1998

E.F.R.E.I. (Ecole FRançaise d’Electronique et d’Informatique) Master in Science / French Engineer in Computer Science Domain Telecoms & Networks Options Network Security & Parallel Computing Major of promotion 1998-2000 (Honors)

July 1998 September 1996

CPGE (Classes Préparatoires aux Grandes Écoles) 'Preparatory Classes' focused on strong fundamental background with an emphasis on mathematics and physics

July 1996

French Scientific Baccalaureat Mathematic specialization

Paris,France

Le-Raincy,France

Chelles,France

Experience Beaverton OR netVigilance.com Inc « – Assurance has arrived » netVigilance is the leader in vulnerability assessment (VA); delivering corporate information security solutions to meet the heightened demand for network intrusion prevention, network security. I’m managing the integration of the SecureScout™ product suite. SecureScout™ is the name of the suite of NexantiS security products for Vulnerability Assessment and Management. netVigilance, Inc. is the unique development team of the SecureScout™ suite. Algorithm developer & optimizer for the core system of the solution. Acting as Director of security research up to November 2004. Interacting with organizations like SANS, CVE or ISC.

09/2004 - Today

Director of Product Integration

12/2003 - 09/2004

Paris, France Co-Founder & Network Security Expert netVigilance France « netVigilance - Security Development Specialists » Co-founder of NetVigilance France. Involved in the product management of the SecureScout Product family and manager of the security watch team. Algorithm developer & optimizer for the core system of the solution. Research system security vulnerabilities. Maintain a technology watch for security related changes in operating systems, hardware and/or software. Develop methods and codes to test and exploit new vulnerabilities.

05/2001 - 10/2003

VIGILANTe SA Paris, France « VIGILANTe - Unbiased Security Testing Specialists » Product Management for the SecureScan leading Vulnerability Assessment solution. Development focused on the engine and the network algorithms involved in the scanning process. Quality assurance over this product family by using and developing a bug tracking system. Security Expert to provide in-depth analysis and response to computer system security incidents such as hacker attacks break-ins and virus outbreaks. Assess the nature and extent of threats and damages to systems and networks. Provide technical and consulting advice on computer security incidents. Research system security vulnerabilities. Perform “White Hat” penetration tests. Internal network security group team leader. Teacher in the VIGILANTe University. Active member of the Groupe Technology Council. Maintain a technology watch for security related changes in operating systems, hardware and/or software. - Page 1 of 3 Security Consultant

10/2000 - 04/2001

Networks Vigilance SA

Security Consultant

Paris, France

Security Consultant to provide in-depth analysis and response to computer system security incidents such as hacker attacks break-ins and virus outbreaks. Assess the nature and extent of threats and damages to systems and networks. Provide technical and consulting advice on computer security incidents. Research system security vulnerabilities. Perform “White Hat” penetration tests and vulnerability assessment. Advise personnel responsible for system security in proactive and reactive measures. IT manager responsible of the deployment of all the Networks Vigilance public servers (WEB, Mail and DNS), including an ASP and of the management of the internal CRM system. 04/2000 - 09/2000

Network Security Manager

Cyrano SA Paris, France « CYRANO - Automated Testing Solutions » Internal project manager, focused on implementing and deploying a new network & physical security policy. Researches and analyses based on network security concepts to define a “white book” for the future development of a new network testing technology.

09/1998 - 03/2000

Programmer

AI EFREI

Paris, France

Supervised projects based on “student follow-up” using specific knowledge of databases systems and database mining and Web technologies for the AI EFREI association.

Technical skills Programming Languages:

Motorola 68k and x86 Assembler, C/C++, JAVA, SQL, Script Shell (C/Bourn), HTML, PHP/MySQL, Camel

Compilers:

Visual C++, Borland, Matlab, Maple, DreamWeaver

Operating Systems:

UNIX(Linux/OpenBSD/FreeBSD/Solaris), Windows NT/2000/XP/2003, Cisco IOS

Administration & Network Protocols:

¾ ¾ ¾ ¾ ¾

Vulnerability Scanners:

netVigilance SecureScout NX/SP, VIGILANTe SecureScan NX/SP, Eeye Retina, ISS Internet Scanner, Symantec NetRecon, Qualys Guard, Nessus, Nmap

Firewall & Sniffer:

Ipf, IPTables, Checkpoint, ZoneLabs, Secure Computing, Cisco PIX, Cisco Probe, SnifferPro, Snort, Prelude

Databases:

MS SQL, Sybase and MySQL

Projects & studies:

¾ Parallel clients/servers Computing using LAN/MPI, Fortran and C (Parallel Computing program EFREI) ¾ Information Technology & Network Security Teacher (EFREI) ¾ UML Object Modeling (EFREI)

ARP/RARP,DHCP,DNS,LDAP,HTTP,SMTP,POP,IMAP,SMB Communication layers (TCP/IP, UDP, ICMP, IPSEC) on IPv4 and IPv6 Routing process (RIP/OSPF/BGP4) LAN, WAN, VPN, VLANs and QoS Monitoring (SNMP, RRDTool, NetSaint)

- Page 2 of 3 -

Publications •

Security Advisories : August 26, 2005 February 10, 2004 February 02, 2004 January 30, 2004 January 24, 2004 January 24, 2004 January 24, 2004



Multiple PHP Images Galleries EXIF Metadata XSS Vulnerabilities Multiple Cross Site Scripting on mail.yahoo.com Arbitrary File Disclosure Vulnerability in phpMyAdmin 2.5.5-pl1 and prior PHP Code Injection Vulnerabilities in phpGedView 2.65.1 and prior PATH Disclosure Vulnerabilities in QuikStore 2.12.135 and prior PHP Code Injection Vulnerabilities in ezContents 2.0.2 and prior PATH Disclosure Vulnerabilities in phpGedView 2.65 and prior

Press Releases : November 18, 2004 o netVigilance uncovers multiple vulnerabilities in open-source network administration software console for SQL

Languages French (mother tong), English (fluent), German (student level)

Certificates & Activities ● Car Driving License ● BNPS Certificate (First-Aid) ● Co-Founder and President of a computer science Club (training Parents & Children) ● Member of the Portland French Alliance

- Page 3 of 3 -