What is your background?
Originally from La Flèche, I studied at the Prytanée military high school. After two years of MPSI-MP prep school at the naval school in Brest, I chose to repeat my second year of prep school in MP in Lorient. I joined ENSTA Bretagne in 2018 as an IETA and chose the SNS (Computing Systems and Security) (renamed CSN – Design of Computing Systems) major, as I had a keen interest in cybersecurity.
What experiences left an impression on you during your studies at ENSTA Bretagne?
All my internship periods were very rewarding.
During my "0" year, I did my internship in the air transport gendarmerie, in the research section responsible for accident investigations. I was responsible for developing position software for a drone.
My first-year internship took place at the DGA Information Superiority center over a period of one month. I was working in a department where I was analyzing an aircraft GPS receiver.
My second-year internship took place in the Diateam company in Brest in the cybersecurity team (RedTeam).
For several months, I programmed and developed an attack automation tool. This was my first real project in Cybersecurity. I was provided with many tools which helped me a great deal. I learned a lot during this internship.
How did your PFE go?
I thought about going abroad, but the health context and my military status meant it was not possible. Since my first internship at Diateam went very well, I chose to return there for my third-year internship (PFE).
Over 3 months, I developed "Ratatouille", a RAT (Remote Access Trojan). This is an offensive Cybersecurity tool that allows you to take control of a computer remotely.
The remaining months allowed me to develop other tools that are still used today in the company.
From an extra-curricular standpoint, what experiences do you remember?
I was part of the school's Cyber Club. I enjoyed sharing and passing on the knowledge I gained during my internship to first year students. In parallel with my studies, I also participated in several CTF (Capture the Flag) games on various websites such as Root-me, for example. These are games that involve using software vulnerabilities allowing flags, confirming intrusion, to be inserted into the information system and retrieved. In my opinion, this is an important first step in implementing cybersecurity. These experiences helped me both to better understand and become proficient in certain tools, and also added value to my résumé for employers.
What position do you hold at the DGA?
I have just been hired at the DGA Information Superiority center in Bruz (35) to carry out digital investigation, involving a mix between offensive and defensive work. My role is to look for signs of attacks.