You're seeing this page as if you were . The main menu is still yours, though. Exit from immersion
Malt Strategy
New report
Malt Tech Trends 2026
Corentin GruhnCG

Corentin Gruhn

Supermalter

Pentester Auditor | Cybersecurity Expert

€800/day
23 projects
Paris, FR
8-15 years
Cybersecurity
Pentest
Penetration Testing
Security Audit
Ethical Hacking

Average response time: 2 hours

Freelancer profile translated to English.
Back to original language

About Corentin

Hello and welcome,

For several years, I have been assisting clients of all backgrounds, from SMEs to CAC40 companies, with their information system security assessment needs. More specifically, my missions focus on the following areas:

- Technical audit, including penetration testing and configuration reviews:
• Needs qualification (e.g., web application security audit to assess its robustness)
• Performing penetration tests and/or configuration reviews
• Identifying vulnerabilities, qualifying associated business risks, and sharing recommendations for remediation
• Formalizing a report summarizing the overall security level assessment and detailing all technical tests performed
• Delivering technical and managerial debriefings

- Incident response:
• Incident qualification (often crisis situations, like ransomware)
• Analyzing attacker traces to determine their actions
• Assisting in the implementation of defense and remediation measures to restore the IS to normal operation

If you would like to know more about my areas of expertise, or if they already match your needs, please do not hesitate to contact me to discuss them!
Consulting and Audits
Digital and IT Services
Digital Business Models
E-commerce
Software Publishing

  • French

    Native or bilingual

  • English

    Fluent

  • Spanish

    Conversational

Can work on-site
Paris (up to 50km)

Experience

  • Stoïk
    CSIRT Analyst
    BANKING AND INSURANCE
    September 2022 - January 2024 (1 year and 4 months)
    Paris, France
    Incident Response:
    Investigation and forensics on Active Directory, Windows, Linux, O365, Splunk, AWS environments, etc.
    - Analysis of compromise vectors and reconstruction of attack chains (phishing, ransomware, credential theft, data exfiltration).
    - Crisis management and support for remediation and full reconstruction of an IS (restoration, hardening, account reset, business continuity).
    - Development of detailed technical reports and post-incident analyses (timeline, IoCs, corrective recommendations).

    Insured Support:
    - Assessment of insureds' security maturity and identification of non-compliance with insurability criteria.
    - Implementation of action plans to make companies cyber insurable (MFA, immutable backups, network segmentation, privileged account management, EDR, etc.).
    - Training and awareness on incident management, ransomware prevention, and information system hardening.
    - Recommendations on cybersecurity best practices and support for their implementation (Cloud, O365, AD, workstations).

    Tool Development and Automation:
    - Design of internal tools for O365 compromise analysis, Active Directory configuration review and hardening, and backup and infrastructure compliance verification.
    - Development of scripts and dashboards to facilitate the detection of indicators of compromise and technical auditing.
    - Contribution to the continuous improvement of the internal SOC/CSIRT and the formalization of incident response procedures.
    Incident Response Forensics Crisis Management Incident Management Investigation
  • WAVESTONE
    Cybersecurity Consultant | Penetration Testing & Incident Response
    CONSULTING AND AUDITS
    February 2019 - August 2022 (3 years and 6 months)
    Paris, France
    Penetration Testing:
    - Web & API Applications
    - Mobile Applications (iOS & Android)
    - Internal Information Systems (including Active Directory & backup infrastructures)
    - Cloud Infrastructures (Azure AD, AWS, Google Workspace)
    - External Footprinting (analysis of exposed external servers, etc.)
    - Red Teaming (phishing, business application compromise, etc.)
    - Citrix Infrastructures
    - Workstations

    Configuration Reviews:
    - Active Directory
    - Cloud Infrastructure (AWS, Azure AD, Google Workspace)
    - Operating Systems (Windows, Linux, macOS)
    - Office 365 Environment
    - Applications (databases, backup solutions, etc.)
    - Virtualization (Docker, Kubernetes, OpenShift)
    - Security Solutions (firewall, router, switch, etc.)

    Incident Response (examples of cases handled):
    - Ransomware
    - Active Directory Compromise
    - Cloud Infrastructure Compromise
    - Identity Theft
    - Phishing
    - etc.

    Forensics (log analysis):
    - Active Directory
    - Cloud Infrastructure (AWS, Azure AD, Google Workspace)
    - Operating Systems (Windows, Linux, macOS)
    - Office 365 Environment
    - Applications (databases, backup solutions, etc.)
    - Virtualization (Docker, Kubernetes, OpenShift)
    - Security Solutions (firewall, router, switch, etc.)
    Security Audit Penetration Testing Active Directory Risk Analysis Forensics

Reviews

5.0

Out of 22 ratings

E

Elliot

COO - I-Kapital SAS

Reviewed on 5/7/2026

Corentin assisted us with great professionalism and within the agreed timeframe. I recommend working with him.
A

Alex-Adrien

CTO - Luceo

Reviewed on 4/24/2026

We develop software for notaries, in a context where data security, confidentiality, and integrity are essential. Corentin assisted us from the design phase of our platform, and then during the penetration tests he conducted with great rigor and professionalism. His support was very comprehensive: concrete recommendations, help with prioritizing corrections, re-testing of applied corrections, and updating the final report. This follow-up allowed us to significantly improve the security of our platform and provide our clients with concrete assurances regarding the handling of identified vulnerabilities. His pedagogical approach and deep understanding of our business context also helped our teams progress in security best practices. We recommend Corentin without reservation.
Show all 22 reviews

Recommendations

PG
JD
HH
+2
Pierre-Julien Grizel and 4 other people have recommended Corentin

These freelancer profiles also match your criteria

AgathaA

Agatha Frydrych

Backend Java Software Engineer

4.7

(3)

2

BaptisteB

Baptiste Duhen

Fullstack developer

4.6

(4)

5

AmedA

Amed Hamou

Senior Lead Developer

4

(2)

7

AudreyA

Audrey Champion

Web developer

4.3

(3)

4

Signup to reveal

Education

  • Engineer - Security of Systems and Networks
    Télécom SudParis
    2019

Certifications

  • PASSI
    LSTI
  • ESSI (Information Systems Security Expert)
    ANSSI - National Cybersecurity Agency of France

Skill set

Linux
Active Directory
Windows
Microsoft Azure
Firewall
Forensics
Risk Analysis
ISO 27001
Audit
AWS
Penetration Test
Internal Penetration Test
Phishing
Cybersecurity Audit
Red Team
Compliance
Compliance
Wordpress
Consulting
OWASP
OSCP
O365
configuration audit
Vulnerability Management
Vulnerability Management
Vulnerability Scan
Risk Management
Risk Mapping
Burp Suite
API
Internal Audit
Incident Management
Incident Response
Python
Reporting
Information Security
WordPress Security
Penetration Testing
Internal Pentest
Kali Linux
Web Pentest
API Pentest
Pentester
Pentesting

Categories