Hi Laurent! Can you tell us about your role at GitGuardian?
Hi! I've been working at GitGuardian for four years now, making me the person with the longest tenure! For a few months, I have been a Staff Engineer, meaning I'm an expert on my perimeter and have a larger scope than when I was Lead (on the Public Monitoring product). As we scaled up our teams this year, there's been quite a reorganization: we now have tribes and squads in the engineering department. As a staff engineer in the detection & remediation tribe, my job is to help integrate their work into our web applications. I also lead a team dedicated to database performance.
What about your background?
After a maths preparatory class, I graduated from an engineering school (ENSTA). I was really attracted to cryptography at that moment, but after an internship with a French leader in the field, I realized that I wanted to work in a smaller company. The other way out would have been to do scientific research, but I finally preferred working on "classic" web development.
How was your first contact with GitGuardian?
After an internship in NYC and an aborted start-up project, I saw an ad for a developer position at GitGuardian on my school's job listing. I had a first interview where the project was presented to me, and I was immediately hooked on the idea. Any developer has to manage a lot of secrets, so we understand that it's a real security concern.
The first offices were four startups crammed into a four-room apartment, and the average age was 25. GitGuardian was already alerting developers worldwide when a secret was detected in their commits, and the objective was to build a product around that.
You have witnessed the evolution of the offering since that period; what would you say about it?
I'd say there are two major changes that I've been lucky enough to observe and contribute to: first, the first prototype of what we now call GitGuardian Internal Monitoring was really "individual developer" oriented. Initially, we thought most of our users would be individuals securing their own repositories, so we focused on the single-user experience. We are far from that vision since we work with organizations counting hundreds, if not thousands, of developers. The challenges and roadmap have obviously changed dramatically.
Then the most striking thing was structuring our expertise into two distinct products. Initially, there was a lot of hesitation about whether or not to make such a change. But in the end, the development needs were so different that it made sense. Today, it gives us enough technical leeway to integrate major new features without too much headache. This is what allows us to project ourselves in the future: I work a lot with the R&D team to explore new horizons around code security.
As we grow, we add more human and hardware capacities to expand and improve our systems' robustness. This has been very precious to building my own engineering experience.
What would you say to someone considering joining GitGuardian?
If I had to convince a developer, I would tell them that working on GitGuardian products is about helping other developers and technical people. I'd tell them about the challenges we face to remain the number one secret detection solution and all the exciting ideas we have for the future.
Now the company is way more diverse than when I arrived; the average age has augmented, and we get very cool monthly parties. But more importantly, the workplace is a really good compromise between friendliness and seriousness. All the events allow us to meet new faces from other departments and keep a shared culture among Guardians!
To conclude, can you tell us about your hobbies?
I love backpacking! Even though I try to keep my air travel to a minimum, I had the chance to visit South East Asia and Mexico in the past, and I plan to visit Cuba in the spring.
When in Paris, I learn pentesting by doing CTFs :) and I’m also training to participate in a triathlon with other Guardians next year.