Baptiste CHOCOT - Software & Cyber-Security Engineer
About me
I am a French IT engineer currently working at NIST as a Software Developer. My main skills are software development and a good base for cyber security. I enjoy tinkering with technology, climbing, and cooking the most.
Former positions
I am currently responsible for the maintenance of the Software Assurance Reference Dataset, which encompasses dependencies and security updates, developping new features, and adding test cases to the database. The SARD is developped with Ruby on Rails.
I developed two Rust full-stack applications for running human evaluations of AI-generated content, such as texts and pictures. The goal was to gather human feedback before training AI systems to detect whether a document was AI-generated. They are not available to the public at the moment.
My mission was to automate the generation of deepfakes using several open-source Deep Learning tools, such as DeepFaceLab or FaceSwap. It resulted in many thousands of videos for the project's dataset. I oversaw a student, helping him to run deepfakes tools on GPU-accelerated hardware, with Python, virtual environments, code reviews, and best practices for coding. I was also involved in several workshops, presenting the dataset's generation pipeline and content to performers and stakeholders.
I was a member of the team dedicated to the ActEV challenge sponsored by IARPA. I am responsible for maintenance and development of new features for two projects, an abstract CLI that our partners have to implement, then submit to our pipeline, and a scorer software which evaluates our partners software's performance. Additionally, I had to reimagine the CI for the abstract CLI because it became harder to test. I am also responsible for the generation of some ActEV datasets.
The goal of the internship was to create from scratch a data leak orchestration tool, which would store any leaked credential of the company's customers, for monitoring purposes. I designed the software as a web API for ease of use by the other tools of the company. I have used an analytical database called ClickHouse, which is currently holding billions of leaked credentials and has crazy fast response times. It is currently part of the firm's monitoring offer.
Technical skills
Very confortable with:
- Python, Shell
- UNIX-like systems
- Ruby and Rails
- Git, Docker
Confortable with:
- Rust 🦀
- C/C++, Java, PHP
- SQL databases, ClickHouse
- Various cyber-security concepts
Already used:
- Monitoring (Nagios, Grafana)
- VBox, VMWare
- Firewalls (iptables)
Education
Including 11 months of internship, several group projects, such as an Hex game (and its AI), a mini-rust compiler, mini-nmap, or an UrbanLoop network simulator.
2-year class preparing a competitive entrance examination to engineering schools.
Scientific bac, major "engineer sciences", Python introduction, with good honors.