Lamine Aouad

Security Researcher
@
IriusRisk

Professional Expertise & Experience

Dr. Lamine Aouad currently serves as the Director of Cybersecurity, leading the cybersecurity team at IriusRisk. He has also served as a Security Researcher there. Lamine plays a crucial role in maintaining and expanding the deep threat and countermeasure knowledge base that powers the platform. With over 15 years of experience in security research, distributed computing, and software engineering, his background is uniquely suited to tackling the theoretical and practical complexities of automated security.

His expertise is reinforced by a strong academic foundation:

  • Doctor of Philosophy (Ph.D.) in Computer Science, Distributed Computing, and Numerical Analysis from the University of Lille 1.
  • Master of Science (MS) in Distributed Computing from Paris-Sud University (Paris XI).
  • Industrial Research: Prior roles include Principal Research Engineer at Symantec and Principal Researcher at Tenable, giving him significant experience in large-scale cybersecurity product research and development.

Notable Contributions & Credentials

Lamine's authoritativeness is grounded in his professional certifications and his published technical analysis:

  • High-Level Certifications: He holds the prestigious Offensive Security Certified Professional (OSCP) certification, as well as the CISSP, demonstrating deep technical knowledge in both offensive and defensive security practices.
  • Technical Content: He authors detailed, expert-level articles on critical security topics, including:
    • The essential proactive vs. reactive difference between Threat Modeling and Vulnerability Management.
    • The practical application of frameworks like MITRE ATT&CK for Industrial Control Systems (ICS) within a threat modeling context.
    • Guidance on cybersecurity standards and risk mitigation for high-risk sectors such as Healthcare and Smart Buildings (IEC/ANSI 62443).
  • Knowledge Base Development: His research directly informs the security content and intelligence within the IriusRisk product, ensuring the platform remains current with industry standards and emerging threats.

Blogs by

Lamine Aouad

Threat Modeling
AI & ML
Securing ML/AI Systems and Applications
October 16, 2023
Read post
Methodologies & Frameworks
Standards, Compliance and Regulations
Operational technology
The ultimate 2025 guide to IEC 62443: 7 key steps to secure industrial control systems
July 12, 2023
Read post
Standards, Compliance and Regulations
Software security
Operational technology
Securing Industry 4.0 - The Case of Railway Automation
June 16, 2023
Read post
Methodologies & Frameworks
Software security
Operational technology
MITRE ATT&CK for Industrial Control Systems in IriusRisk
June 9, 2023
Read post
Methodologies & Frameworks
NIST Threat Modeling: Recommendations and Methodology
April 28, 2023
Read post
Cloud Security
Threat Modeling
Supply Chain Security
ICS Security in the Cloud Era: The Risks and How to Outsmart Them
March 27, 2023
Read post
Software security
Threat Modeling
Threat Modeling vs. Vulnerability Management: The critical difference you can’t ignore
February 9, 2023
Read post
Software security
Threat Modeling
Operational technology
Automotive cybersecurity
January 30, 2023
Read post
Software security
Threat Modeling
Implementing Security: what technology for which controls?
December 15, 2022
Read post
Risk Management
Software security
Threat Modeling
Healthcare Cybersecurity: the challenges and how to mitigate the risks
December 12, 2022
Read post
Standards, Compliance and Regulations
Software security
Threat Modeling
Securing the Software Supply Chain
November 8, 2022
Read post
Compliance & Regulation
Threat Modeling
Use Case - Threat Modeling Smart Buildings with IEC/ANSI 62443
September 22, 2022
Read post
Community Edition
IriusRisk Community Edition Hits Four Thousand Users
April 6, 2022
Read post