Security Research Team
The humans behind the vulns.
François Proulx
VP of Security Research
François is the VP of Security Research at BoostSecurity.io and co-creator of the poutine Open Source CI/CD scanner. He co-founded the Living Off The Pipeline (LOTP) project to describe the abuse of build tools for lateral movement. After spending years teaching defenders how to secure their workflows, he is now demonstrating how attackers are dismantling them.
Alexis-Maurer Fortin
Senior Product Security Engineer
Alexis-Maurer is a co-creator of poutine and the architect behind BoostSecurity's large-scale cloud scanning infrastructure. A prolific Go developer, he wrote the majority of the codebase powering the team's automated vulnerability discovery systems.
Sébastien Graveline
Security Researcher
Sébastien brings Red Team expertise to the research team and is a major contributor to the Living Off The Pipeline (LOTP) project. An avid CTF player who has won several prestigious competitions, he specializes in offensive CI/CD exploitation techniques and turning theoretical attack patterns into practical demonstrations.
Garance De La Brosse
ex-Junior Security Researcher
Garance completed her M. Eng thesis with the team, focusing on distribution threats to the Go ecosystem and package manager vulnerabilities.
Chasen Bettinger
ex-Product Security Engineer
Chasen was there at the inception of the security research team and authored one of the first articles exploring the intersection of Supply Chain security and AI/LLM model poisoning. A passionate advocate for Software Supply Chain security from the Big Apple, he contributed to in-toto and connected with the core contributors behind these frameworks.
