Addressing the human layer in cybersecurity systems.
About
Pauline Bourmeau is an independent security researcher focused on the human layer within cybersecurity systems. Her work blends deep technical capabilities with the humanities — bringing together AI, linguistics, and threat intelligence with cognitive psychology as the central pivot.
She has consulted on multilingual natural language processing, led deep learning and NLP workshops internationally, and created training materials blending STEM with human factors. As founder of DEFCON Group Paris (DC11331) and contributor to the MISP project, she actively advances collaborative cybersecurity practices.
Previously, Pauline worked as a Threat Intelligence Analyst at Corexalys (Chapvision), contributing to the AIL Framework under a European research initiative and conducting OSINT, HUMINT, and SOCINT analysis to profile threats and investigate APTs. Her expertise bridges AI, linguistics, and human cognition, bringing a unique perspective to information security and intelligence challenges.
In the education sector, she served as a tutor at the University of Paris Descartes, and taught French as a foreign language and literacy instruction to war refugees. She teaches what she researches — her courses and workshops grow directly from active fieldwork.
Pauline is also a paraclimber — a medal-winning athlete with a disability at the French Paraclimbing Championships.
Research Focus
Current Research
While technical and procedural aspects of threat intelligence sharing are well-studied, its social and cultural dimensions remain underexplored. This research examines how sharing communities actually operate within platforms like MISP — the incentives, the friction, and the human dynamics that determine what gets shared and what doesn’t.
The methodology combines platform statistics and technical observations with semi-structured interviews across sharing communities, mapping the gap between how tools are designed to be used and how practitioners actually use them.
Published as a named research project on the MISP Research Projects page
An informal, ongoing exploration of how AI can ease the cognitive load on analysts and knowledge workers — supporting attention, memory, and decision-making under pressure rather than adding to the noise. Observations are drawn from security professionals and web creators.
Graduate Education
Writing & Essays
Security Work — Cubessa
Speaking & Workshops
2025 — Vision, Emotion & Intelligence
2023–2024 — NLP & AI in Security
2018–2020 — Hardware, Firmware & Foundations
Projects
Online Resources for Crime Reporting and Investigation — a curated list of open resources for investigating criminal activity online.
Linguist contributor to Connecting Europe Facility, European project 2020-EU-IA-0260 — a cross-border joint threat analysis initiative.
A free, open course spanning beginner to intermediate NLP, updated for Transformers v5. nlpforcoders.com
A one-day hands-on training on the fastai deep learning library, designed for security practitioners. Covering image classification, transfer learning, and practical applications in threat detection. Delivered at Bsides Luxembourg.
A long-running workshop delivered at international security conferences since 2024, introducing NLP to non-specialists with no prior machine learning background. The material evolves continuously, incorporating new approaches and tools as the field moves.
An NLP-based phishing detection system developed as part of SPOT Project, co-financed by the LU-CID initiative, Luxembourg's Ministry of the Economy. Combines linguistic pattern analysis with machine learning classifiers to identify phishing attempts at scale.
Contact
I read everything. I don’t always reply quickly, but I do reply. If you want to link to something here, go ahead.