Cyber Threat Detection & Intelligence Engineer
Hippolyte Cousin
Detection engineer and CTI analyst with 3 years of experience at an NDR vendor. I build detection engines and produce threat intelligence, from technical to strategic.
Through a Censys Research partnership, correlates observations (infrastructure, exposed services, banner changes) with real geopolitical events: tensions, conflicts, elections. The goal is to measure whether and how cyber activity observable on the internet reflects or anticipates real-world developments.
Malware similarity search engine based on TLSH hashing (Trend Micro Locality Sensitive Hash). Finds samples close to a given binary to identify variants of the same family, assist in campaign attribution, and track associated infrastructure by correlating with threat feeds (MalwareBazaar, URLhaus).
Real-time analysis of domain TLS certificates to detect threats targeting specific countries. Monitors certificate transparency streams (CT logs) to identify malicious infrastructure at the time of creation.
A look at the cyber dimension of the Paris 2024 Olympic and Paralympic Games — from threat anticipation and state-sponsored actors to the unprecedented security operations deployed to protect one of the most targeted events of the year.
An exploration of Tactics, Techniques and Procedures as the backbone of modern threat intelligence. Covers how TTPs shift focus from ephemeral indicators to durable adversary behavior, enabling better detection engineering and strategic attribution.