About me
I'm currently working as ICT Security Expert for the International Committee of the Red Cross (ICRC) in Geneva. Before accepting this new challenge, I have been performing Penetration Testing for 2 years in Switzerland. I also worked 5 years for the National Institute of Standards and Technology (NIST) where I was conducting researches on how source code security analyzers react facing a large range of vulnerabilities with different complexities (see Publications section below). I was part o the SAMATE Team where my role consisted of studying tools' strengths and weaknesses in order to help improving the current state of the static code analysis field. I graduated in 2011 from TELECOM Nancy, a leading engineering school at the University of Lorraine in France for a Master's degree in Computer Science with a minor in networking and security.
Websites
- Bertrand STIVALET http://www.stivalet.ch
- Github https://github.com/stivalet
- LinkedIn https://www.linkedin.com/in/bertrandstivalet
- NIST publications http://www.nist.gov/publication-portal.cfm
- Research Gate https://www.researchgate.net/profile/Bertrand_Stivalet
- Google Scholar https://scholar.google.com/
- OWASP profile https://www.owasp.org/index.php/User:Stivalet
Publications
Awards
Best Paper Award - IEEE International Conference on Software Testing, Verification and Validation (ICST) 2016, April 2016
Large Scale Generation of Complex and Faulty PHP Test Cases
Bertrand Stivalet,Elizabeth Fong
Papers
-
SATE V Report: Ten Years of Static Analysis Tool Expositions, October 2018
Aurelien M. Delaitre, Bertrand C. Stivalet, Paul E. Black, Vadim Okun, Terry S. Cohen, Athos Ribeiro
-
Large Scale Generation of Complex and Faulty PHP Test Cases, April 2016
Bertrand Stivalet, Elizabeth Fong
International Conference on Software Testing, Verification and Validation (ICST'16), Chicago, IL
*BEST PAPER AWARD for the ICST16 TOOL DEMO TRACK* -
Evaluating Bug Finders - Test and Measurement of Static Code Analyzers, May 2015
Aurelien Delaitre, Bertrand Stivalet, Elizabeth Fong, Vadim Okun
Complex faUlts and Failures in LargE Software Systems (COUFLESS'15), Firenze, Italy -
A Hybrid CPU-GPU System for Stitching of Large Scale Optical Microscopy Images, March 2013
Walid Keyrouz, Bertrand Stivalet, Timothy Blattner, Shujia Zhou, Joe Chalfoun, Mary Brady
GPU Technology Conference 2013, San Jose, CA -
Initiating Mobile Software Development - Lessons Learned From a 12-Month Project, 2011
Frederic de Vaulx, Paul Khouri Saba, Marcus Newrock, Bertrand Stivalet
NIST Interagency/Internal Report (NISTIR)
Presentations
Large Scale Generation of Complex and Faulty PHP Test Cases, April 2016
International Conference on Software Testing, Verification and Validation (ICST'16), Chicago, ILEvaluating Bug Finders - Test and Measurement of Static Code Analyzers, May 2015
Complex faUlts and Failures in LargE Software Systems (COUFLESS'15), Firenze, ItalyCVE-Selected Analysis Results, March 2014
Static Analysis Tool Exposition (SATE) V Workshop, Gaithersburg, MD, USA
Contact
- Firstname . Lastname @gmail.com
- b_stivalet@Twitter
- about.me/bertrandstivalet